CVE-2026-23281Incorrect Synchronization in Linux

CWE-821Incorrect Synchronization9 documents8 sources
Severity
7.8HIGH
No vector
EPSS
0.0%
top 90.88%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
LinuxLinux Kernel
Timeline
PublishedMar 25

Description

In the Linux kernel, the following vulnerability has been resolved: wifi: libertas: fix use-after-free in lbs_free_adapter() The lbs_free_adapter() function uses timer_delete() (non-synchronous) for both command_timer and tx_lockup_timer before the structure is freed. This is incorrect because timer_delete() does not wait for any running timer callback to complete. If a timer callback is executing when lbs_free_adapter() is called, the callback will access freed memory since lbs_cfg_free() fr

Affected Packages3 packages

Linuxlinux/linux_kernel2.6.246.1.167+4
Debianlinux/linux_kernel< 6.19.8-1
CVEListV5linux/linux954ee164f4f4598afc172c0ec3865d0352e55a0b3f9dec4a6d95d7f1f5e9e9dfdfa173c053bba8dc+6

🔴Vulnerability Details

4
GHSA
GHSA-f429-w42v-q89c: In the Linux kernel, the following vulnerability has been resolved: wifi: libertas: fix use-after-free in lbs_free_adapter() The lbs_free_adapter()2026-03-25
CVEList
wifi: libertas: fix use-after-free in lbs_free_adapter()2026-03-25
OSV
CVE-2026-23281: In the Linux kernel, the following vulnerability has been resolved: wifi: libertas: fix use-after-free in lbs_free_adapter() The lbs_free_adapter() fu2026-03-25
OSV
wifi: libertas: fix use-after-free in lbs_free_adapter()2026-03-25

📋Vendor Advisories

3
Red Hat
kernel: wifi: libertas: fix use-after-free in lbs_free_adapter()2026-03-25
Microsoft
wifi: libertas: fix use-after-free in lbs_free_adapter()2026-03-10
Debian
CVE-2026-23281: linux - In the Linux kernel, the following vulnerability has been resolved: wifi: liber...2026

🕵️Threat Intelligence

1
Wiz
CVE-2026-23281 Impact, Exploitability, and Mitigation Steps | Wiz
CVE-2026-23281 — Incorrect Synchronization in Linux | cvebase