CVE-2026-6424

Summary

Use-after-free vulnerability in ESET Linux products potentially allowed an attacker to trigger kernel panic on the system

Affected Software

VendorProductVersion RangeStatus
ESET, spol. s.r.o.ESET Endpoint Antivirus for Linux13.1 <= 13.1.3.0affected
ESET, spol. s.r.o.ESET Endpoint Antivirus for Linux13.0 <= 13.0.3.0affected
ESET, spol. s.r.o.ESET Endpoint Antivirus for Linux12.2 <= 12.2.8.0affected
ESET, spol. s.r.o.ESET Endpoint Antivirus for Linux12.1 <= 12.1.1.0affected
ESET, spol. s.r.o.ESET Endpoint Antivirus for Linux12.0 <= 12.0.13.0affected
ESET, spol. s.r.o.ESET Endpoint Antivirus for Linux13.2.3.0unaffected
ESET, spol. s.r.o.ESET Server Security for Linux13.1 <= 13.1.116.0affected
ESET, spol. s.r.o.ESET Server Security for Linux13.0 <= 13.0.34.0affected
ESET, spol. s.r.o.ESET Server Security for Linux12.2 <= 12.2.72.0affected
ESET, spol. s.r.o.ESET Server Security for Linux12.1 <= 12.1.406.0affected
ESET, spol. s.r.o.ESET Server Security for Linux12.0 <= 12.0.287.0affected
ESET, spol. s.r.o.ESET Server Security for Linux13.2.53.0unaffected

Weaknesses

  • CWE-416: CWE-416 Use after free

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References