In the Linux kernel, the following vulnerability has been resolved:
mshv: Fix use-after-free in mshvmapuser_memory error path
In the error path of mshvmapuser_memory(), calling vfree() directly on the region leaves the MMU notifier registered. When userspace later unmaps the memory, the notifier fires and accesses the freed region, causing a use-after-free and potential kernel panic.
Replace vfree() with mshvpartitionput() to properly unregister the MMU notifier before freeing the region.
{
"osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/23xxx/CVE-2026-23432.json",
"cna_assigner": "Linux"
}