CVE-2026-46162
Essential information
- Published
- 28/05/2026 10:16
- Modified
- 28/05/2026 13:44
- Author
- —
- Creator
- —
- CISA KEV
- No
- CWE
- —
- CVSS vector
- — — —
Description
In the Linux kernel, the following vulnerability has been resolved:
ice: fix double free in ice_sf_eth_activate() error path
When auxiliary_device_add() fails, ice_sf_eth_activate() jumps to
aux_dev_uninit and calls auxiliary_device_uninit(&sf_dev->adev).
The device release callback ice_sf_dev_release() frees sf_dev, but
the current error path falls through to sf_dev_free and calls
kfree(sf_dev) again, causing a double free.
Keep kfree(sf_dev) for the auxiliary_device_init() failure path, but
avoid falling through to sf_dev_free after auxiliary_device_uninit().
NVD status
- Status
- Awaiting Analysis — CVE has been recently published to the CVE List and has been received by the NVD.
- Source
- 416baaa9-dc9f-4396-8d5f-8c081fb06d67
- NVD
- View on NVD
Affected products (CPE)
| Product | CPE |
|---|---|
| linux / linux kernel | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* |