Linux Kernel FunctionFS Use-After-Free Vulnerability in File Handling

Vulnerability

A use-after-free vulnerability has been identified in FunctionFS, part of the Linux kernel's USB gadget subsystem, specifically within its file handling operations. Opening a file can overlap with the removal of files, so the private data of the opened file can end up pointing to a freed object.

Impact

Triggering the use-after-free condition could allow arbitrary memory access or manipulation.

Remediation

Users can upgrade to the latest version of the Linux kernel where this vulnerability has been addressed. Instructions for upgrading the kernel can be found in the official Linux documentation.
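
An added example, not part of the original advisory: a shell check for whether a host exposes FunctionFS at all, which helps decide how urgently the upgrade applies to it. The function name, output labels and sample inputs are constructed for illustration, and it assumes a plain-text kernel config such as /boot/config-$(uname -r).

```shell
#!/bin/sh
# Classify FunctionFS exposure from three inputs. Prints one of:
#   mounted    - a functionfs instance appears in the mount table
#   registered - the functionfs type appears in the filesystem list
#   built      - the kernel config enables FunctionFS, nothing is active
#   absent     - no trace of FunctionFS in any of the three inputs
ffs_exposure() {
    config=$1; filesystems=$2; mounts=$3
    # Field 3 of /proc/mounts is the filesystem type.
    if [ -r "$mounts" ] &&
       awk '$3 == "functionfs" { hit = 1 } END { exit !hit }' "$mounts"; then
        echo mounted
    # The last field of each /proc/filesystems line is the type name.
    elif [ -r "$filesystems" ] &&
       awk '$NF == "functionfs" { hit = 1 } END { exit !hit }' "$filesystems"; then
        echo registered
    # Legacy gadget, function module and configfs options, built in or modular.
    elif [ -r "$config" ] &&
       grep -Eq '^CONFIG_USB_(FUNCTIONFS|F_FS|CONFIGFS_F_FS)=[ym]$' "$config"; then
        echo built
    else
        echo absent
    fi
}

# Constructed sample inputs (not taken from a real host).
sample_dir=$(mktemp -d)
printf 'CONFIG_USB_GADGET=y\nCONFIG_USB_CONFIGFS_F_FS=y\nCONFIG_USB_F_FS=m\n' > "$sample_dir/config"
printf 'nodev\tsysfs\n\text4\nnodev\tfunctionfs\n' > "$sample_dir/filesystems"
printf 'adb /dev/usb-ffs/adb functionfs rw,relatime 0 0\n' > "$sample_dir/mounts"

echo "sample host: $(ffs_exposure "$sample_dir/config" "$sample_dir/filesystems" "$sample_dir/mounts")"
# On a live system, point it at the real files.
echo "this host:   $(ffs_exposure "/boot/config-$(uname -r)" /proc/filesystems /proc/mounts)"
```

A result of absent means the vulnerable component is not built for that kernel; any other result means the host should be included in the kernel upgrade.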

Added: Jan 13, 2026, 5:02 PM
Updated: Jan 13, 2026, 5:02 PM

Vulnerability Rating

Custom Algorithm
spread: 9.0
impact: 2.5
exploitability: 5.0
remediation: 7.7
relevance: 2.0
threat: 3.2
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.