๐Ÿ” CVE Alert

CVE-2026-23098

HIGH 8.8

netrom: fix double-free in nr_route_frame()

CVSS Score
8.8
EPSS Score
0.0%
EPSS Percentile
3th

In the Linux kernel, the following vulnerability has been resolved: netrom: fix double-free in nr_route_frame() In nr_route_frame(), old_skb is immediately freed without checking if nr_neigh->ax25 pointer is NULL. Therefore, if nr_neigh->ax25 is NULL, the caller function will free old_skb again, causing a double-free bug. Therefore, to prevent this, we need to modify it to check whether nr_neigh->ax25 is NULL before freeing old_skb.

Vendor linux
Product linux
Ecosystems
Industries
Technology
Published Feb 4, 2026
Last Updated Apr 3, 2026
Stay Ahead of the Next One

Get instant alerts for linux linux

Be the first to know when new high vulnerabilities affecting linux linux are published โ€” delivered to Slack, Telegram or Discord.

Get Free Alerts โ†’ Free ยท No credit card ยท 60 sec setup

CVSS v3 Breakdown

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability

Affected Versions

Linux / Linux
1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 25aab6bfc31017a7e52035b99aef5c2b6bde8ffb 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 6e0110ea90313b7c0558a0b77038274a6821caf8 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 7c48fdf2d1349bb54815b56fb012b9d577707708 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < bd8955337e3764f912f49b360e176d8aaecf7016 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 94d1a8bd08af1f4cc345c5c29f5db1ea72b8bb8c 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 9f5fa78d9980fe75a69835521627ab7943cb3d67 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < ba1096c315283ee3292765f6aea4cca15816c4f7
Linux / Linux
2.6.12

References

NVD โ†— CVE.org โ†— EPSS Data โ†—
git.kernel.org: https://git.kernel.org/stable/c/25aab6bfc31017a7e52035b99aef5c2b6bde8ffb git.kernel.org: https://git.kernel.org/stable/c/6e0110ea90313b7c0558a0b77038274a6821caf8 git.kernel.org: https://git.kernel.org/stable/c/7c48fdf2d1349bb54815b56fb012b9d577707708 git.kernel.org: https://git.kernel.org/stable/c/bd8955337e3764f912f49b360e176d8aaecf7016 git.kernel.org: https://git.kernel.org/stable/c/94d1a8bd08af1f4cc345c5c29f5db1ea72b8bb8c git.kernel.org: https://git.kernel.org/stable/c/9f5fa78d9980fe75a69835521627ab7943cb3d67 git.kernel.org: https://git.kernel.org/stable/c/ba1096c315283ee3292765f6aea4cca15816c4f7