Use-After-Free Vulnerability in Linux Kernel HID Appletb Keyboard Driver
CVE-2026-46213

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 28 May 2026

What is CVE-2026-46213?

A use-after-free vulnerability has been identified in the HID appletb keyboard driver within the Linux kernel. Failure to properly manage the inactivity timer during driver teardown can lead to memory safety issues. Specifically, if a backlight device is freed while still being referenced by a timer, it can result in accessing freed memory. This can be triggered through concurrent operations that manipulate the lifecycle of the backlight device. Enhanced synchronization measures are necessary to prevent the re-arming of the timer after the device has been freed, which is the root cause of the memory corruption.

Affected Version(s)

Linux 38224c472a038fa9ccd4085511dd9f3d6119dbf9 < 59a79938ca5541fe55d675304116b7ea684afef0

Linux 38224c472a038fa9ccd4085511dd9f3d6119dbf9 < 93d989e47bc316c793a69c6a332e053c90e29f02

Linux 38224c472a038fa9ccd4085511dd9f3d6119dbf9 < 4db2af929279c799b5653a39eb0795c72baffca4

References

https://git.kernel.org/stable/c/59a79938ca5541fe55d675304...

https://git.kernel.org/stable/c/93d989e47bc316c793a69c6a3...

https://git.kernel.org/stable/c/4db2af929279c799b5653a39e...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 28, 2026
Vulnerability Reserved
May 13, 2026

CVE-2026-46213 Data

JSON