Use-After-Free Vulnerability in Linux Kernel's cfg80211 Component
CVE-2026-23336

7.8 HIGH

Key Information:

Vendor: Linux

Status
Vendor
CVE Published: 25 March 2026

What is CVE-2026-23336?

A use-after-free error has been identified in the Linux kernel's cfg80211 component, in the code path that shuts down all wireless interfaces. The issue occurs when the rfkill_block work is not properly canceled during unregistration of the wiphy, potentially leading to system instability or security risks. The vulnerability was discovered by the Linux Verification Center using Syzkaller.

Affected Version(s)

Linux 1f87f7d3a3b42b20f34cb03f0fd1a41c3d0e27f3

Linux 1f87f7d3a3b42b20f34cb03f0fd1a41c3d0e27f3 < 57e39fe8da573435fa35975f414f4dc17d9f8449

CVSS V3.1

Score: 7.8
Severity: HIGH
Confidentiality: High
Integrity: High
Availability: High
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved
