In vpu_open_inst of vpu_ioctl.c, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
CVE-2026-0112
NONE
EPSS 0.01%
Updated Mar 10, 2026
In
CVE Details
CVE ID
CVE-2026-0112
Published Date
Mar 10, 2026
Vendor
In
Severity
NONE
Exploit Prediction (EPSS)
Probability of Exploit
0.01%
Likelihood of exploitation in next 30 days
Percentile:
0.8th percentile (higher than 0.8% of all CVEs)
Standard patching cycle
Impact
Minimal impact
Source
View Advisory