CVE-2026-53079
N/A
Summary
In the Linux kernel, the following vulnerability has been resolved:
net_sched: fix skb memory leak in deferred qdisc drops
When the network stack cleans up the deferred list via qdisc_run_end(), it operates on the root qdisc. If the root qdisc do not implement the TCQ_F_DEQUEUE_DROPS flag the packets queue to free are never freed and gets stranded on the child's local to_free list.
Fix this by making qdisc_dequeue_drop() aware of the root qdisc. It fetches the root qdisc and check for the TCQ_F_DEQUEUE_DROPS flag. If the flag is present, the packet is appended directly to the root's to_free list. Otherwise, drop it directly as it was done before the optimization was implemented.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | a6efc273ab8245722eee2150fa12cf75781dc410 < bf26ad92ffda7884825d67b46bd5efe615c3babf | affected |
| Linux | Linux | a6efc273ab8245722eee2150fa12cf75781dc410 < a6bd339dbb3514bce690fdcf252e788dfab4ee76 | affected |
| Linux | Linux | 6.19 | affected |
| Linux | Linux | 0 < 6.19 | unaffected |
| Linux | Linux | 7.0.10 <= 7.0.* | unaffected |
| Linux | Linux | 7.1 <= * | unaffected |
Weaknesses
References
- https://git.kernel.org/stable/c/bf26ad92ffda7884825d67b46bd5efe615c3babf
- https://git.kernel.org/stable/c/a6bd339dbb3514bce690fdcf252e788dfab4ee76
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.