CVE-2026-45866

medium Red Hat
EPSS Score
0.0%
Exploitation probability in 30 days
Top 93% most likely to be exploited
Published: May 27, 2026 (44 days ago)
Last Modified: May 27, 2026
Vendor: Red Hat
Source: REDHAT

Description

A flaw was found in the Linux kernel's CAIF serial line discipline. A race condition exists between the `ldisc_close()` function, which frees the terminal (tty) device, and the `handle_tx()` function, which may attempt to access the freed device. This use-after-free (UAF) vulnerability allows a local attacker to potentially cause system instability or execute arbitrary code.

CWE

CWE-364

Affected Products

Red Hat Enterprise Linux 10Red Hat Enterprise Linux 6Red Hat Enterprise Linux 7Red Hat Enterprise Linux 8Red Hat Enterprise Linux 9

References