CVE-2026-53248

medium Red Hat
EPSS Score
0.2%
Exploitation probability in 30 days
Top 92% most likely to be exploited
Published: June 25, 2026 (14 days ago)
Last Modified: June 25, 2026
Vendor: Red Hat
Source: REDHAT

Description

A flaw was found in the Linux kernel's airoha network driver. This use-after-free vulnerability occurs when the `airoha_metadata_dst_free()` function frees memory prematurely, before all references to it are released. If a network packet still holds a pointer to the freed memory, a use-after-free condition can arise. This could lead to system instability or potentially allow an attacker to escalate privileges.

CWE

CWE-911

Affected Products

Red Hat Enterprise Linux 10Red Hat Enterprise Linux 6Red Hat Enterprise Linux 7Red Hat Enterprise Linux 8Red Hat Enterprise Linux 9

References