Primary

Context

Linux Kernel PCI Hyper-V Double ida_free Vulnerability in hv_pci_probe Error Path

Vulnerability

Patched

A vulnerability in the Linux kernel's PCI Hyper-V driver can lead to a double free error. This occurs in the hv_pci_probe() function when the domain number is stored and then freed twice, causing a warning about an unallocated ID. The issue arises because both the PCI bus release function and the bridge release callback attempt to free the same domain number, leading to the double free condition.

Impact

Exploitation of this vulnerability causes a double free error, which can lead to memory corruption issues.

Added: May 6, 2026, 10:46 AM

Updated: May 6, 2026, 10:46 AM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

0.6

exploitability

4.0

remediation

7.7

relevance

7.6

threat

3.2

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

0.6

exploitability

4.0

remediation

7.7

relevance

7.6

threat

3.2

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel PCI Hyper-V Double ida_free Vulnerability in hv_pci_probe Error Path

Vulnerability

Impact

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating