Upstream information
Description
In the Linux kernel, the following vulnerability has been resolved:net: mana: fix use-after-free in add_adev() error path
If auxiliary_device_add() fails, add_adev() jumps to add_fail and calls
auxiliary_device_uninit(adev).
The auxiliary device has its release callback set to adev_release(),
which frees the containing struct mana_adev. Since adev is embedded in
struct mana_adev, the subsequent fall-through to init_fail and access
to adev->id may result in a use-after-free.
Fix this by saving the allocated auxiliary device id in a local
variable before calling auxiliary_device_add(), and use that saved id
in the cleanup path after auxiliary_device_uninit().
SUSE information
Overall state of this security issue: Does not affect SUSE products
SUSE Bugzilla entry: 1264053 [NEW] No SUSE Security Announcements cross referenced.SUSE Timeline for this CVE
CVE page created: Tue May 5 15:30:40 2026CVE page last modified: Fri May 8 12:08:59 2026