CVE-2026-46098

medium Red Hat
Published: May 27, 2026 (44 days ago)
Last Modified: May 27, 2026
Vendor: Red Hat
Source: REDHAT

Description

A flaw was found in the Linux kernel's CAIF network module. When a client is torn down, the `caif_free_client()` function frees a service pointer but leaves it in a stale state. If the socket is later destroyed, `caif_free_client()` may be called again, attempting to use the previously freed pointer. This can lead to memory corruption and potentially cause a system crash, resulting in a Denial of Service (DoS).

CWE

CWE-1341

Affected Products

Red Hat Enterprise Linux 10Red Hat Enterprise Linux 6Red Hat Enterprise Linux 7Red Hat Enterprise Linux 8Red Hat Enterprise Linux 9

References