Linux Kernel mlxsw Spectrum Router Neighbour Use-After-Free Vulnerability

Vulnerability

A use-after-free vulnerability has been identified in the Linux kernel's mlxsw Spectrum router component. The driver dereferences a neighbour pointer without holding a proper reference to it, so the access can land on memory that has already been freed. The vulnerability was reproduced several times, indicating a reliability issue that could be exploited under certain conditions.
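The missing-reference pattern described above, as an added userspace model (not the mlxsw driver's code and not the upstream patch). All names here (`neigh_model`, `entry_model`, `model_hold`, `model_release`) are hypothetical, and "freeing" is modelled by clearing a flag so the stale access can be observed safely.

```c
#include <stddef.h>
#include <stdio.h>

/* Userspace model (assumption, not kernel code): "freeing" only clears alive,
 * so a stale access can be observed without real undefined behaviour. */
struct neigh_model { int refcnt; int alive; };
struct entry_model { struct neigh_model *n; };  /* hypothetical driver entry */

static void model_hold(struct neigh_model *n) { n->refcnt++; }
static void model_release(struct neigh_model *n)
{
    if (--n->refcnt == 0)
        n->alive = 0;              /* real code would free the object here */
}

/* Weak pattern: cache the bare pointer without taking a reference. */
static void entry_bind_unsafe(struct entry_model *e, struct neigh_model *n) { e->n = n; }

/* Corrected pattern: the cached pointer owns its own reference. */
static void entry_bind_safe(struct entry_model *e, struct neigh_model *n)
{
    model_hold(n);
    e->n = n;
}

/* Returns 1 if the entry's later access would touch a dead object. */
static int stale_after_owner_drops(int use_safe_bind)
{
    struct neigh_model n = { .refcnt = 1, .alive = 1 };
    struct entry_model e = { NULL };
    int stale;

    if (use_safe_bind)
        entry_bind_safe(&e, &n);
    else
        entry_bind_unsafe(&e, &n);
    model_release(&n);             /* the other owner drops its reference */
    stale = !e.n->alive;           /* the entry's deferred dereference */
    if (use_safe_bind)
        model_release(e.n);        /* entry teardown drops its reference */
    return stale;
}

int main(void)
{
    printf("unsafe stale=%d\nsafe stale=%d\n", stale_after_owner_drops(0), stale_after_owner_drops(1));
    return 0;
}
```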

Impact

Exploitation of this vulnerability causes a use-after-free condition, which can lead to memory corruption and potentially allow for arbitrary code execution.

Reproduction

The vulnerability can be reproduced by running a specific test over 300 times, which consistently triggers the use-after-free issue. This test can be integrated into a script or a testing framework that simulates the conditions under which the vulnerability occurs.

Remediation

Users can apply the patch available in the Linux kernel stable tree to address this vulnerability.

Added: Jan 13, 2026, 6:09 PM
Updated: Jan 13, 2026, 6:09 PM

Vulnerability Rating

Custom Algorithm

spread: 9.0
impact: 2.5
exploitability: 5.3
remediation: 7.7
relevance: 2.0
threat: 4.8
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.