๐Ÿ” CVE Alert

CVE-2026-46102

HIGH 7.5

net: strparser: fix skb_head leak in strp_abort_strp()

CVSS Score
7.5
EPSS Score
0.0%
EPSS Percentile
0th

In the Linux kernel, the following vulnerability has been resolved: net: strparser: fix skb_head leak in strp_abort_strp() When the stream parser is aborted, for example after a message assembly timeout, it can still hold a reference to a partially assembled message in strp->skb_head. That skb is not released in strp_abort_strp(), which leaks the partially assembled message and can be triggered repeatedly to exhaust memory. Fix this by freeing strp->skb_head and resetting the parser state in the abort path. Leave strp_stop() unchanged so final cleanup still happens in strp_done() after the work and timer have been synchronized.

Vendor linux
Product linux
Ecosystems
Industries
Technology
Published May 27, 2026
Last Updated Jun 1, 2026
Stay Ahead of the Next One

Get instant alerts for linux linux

Be the first to know when new high vulnerabilities affecting linux linux are published โ€” delivered to Slack, Telegram or Discord.

Get Free Alerts โ†’ Free ยท No credit card ยท 60 sec setup

CVSS v3 Breakdown

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability

Affected Versions

Linux / Linux
43a0c6751a322847cb6fa0ab8cbf77a1d08bfc0a < d6668ce0e78d23eabecef9a6bc4f0f739cb28ad3 43a0c6751a322847cb6fa0ab8cbf77a1d08bfc0a < a470ed71c906cc8cbad0d74c9942216698911f8b 43a0c6751a322847cb6fa0ab8cbf77a1d08bfc0a < c2e57695ec9ff9d42f23de70f3805199153d007b 43a0c6751a322847cb6fa0ab8cbf77a1d08bfc0a < e9ae00490d474757c0f9c65073de83e6bb1e5a00 43a0c6751a322847cb6fa0ab8cbf77a1d08bfc0a < 5327dad2ffe9c1b49881dd6d51ff3c6893847568 43a0c6751a322847cb6fa0ab8cbf77a1d08bfc0a < 19ca9475f18f991735f98a22e735c43e95e6298d 43a0c6751a322847cb6fa0ab8cbf77a1d08bfc0a < 56082f442023db9be1a5a29d4ee361de4017c0b7 43a0c6751a322847cb6fa0ab8cbf77a1d08bfc0a < fe72340daaf1af588be88056faf98965f39e6032
Linux / Linux
4.9

References

NVD โ†— CVE.org โ†— EPSS Data โ†—
git.kernel.org: https://git.kernel.org/stable/c/d6668ce0e78d23eabecef9a6bc4f0f739cb28ad3 git.kernel.org: https://git.kernel.org/stable/c/a470ed71c906cc8cbad0d74c9942216698911f8b git.kernel.org: https://git.kernel.org/stable/c/c2e57695ec9ff9d42f23de70f3805199153d007b git.kernel.org: https://git.kernel.org/stable/c/e9ae00490d474757c0f9c65073de83e6bb1e5a00 git.kernel.org: https://git.kernel.org/stable/c/5327dad2ffe9c1b49881dd6d51ff3c6893847568 git.kernel.org: https://git.kernel.org/stable/c/19ca9475f18f991735f98a22e735c43e95e6298d git.kernel.org: https://git.kernel.org/stable/c/56082f442023db9be1a5a29d4ee361de4017c0b7 git.kernel.org: https://git.kernel.org/stable/c/fe72340daaf1af588be88056faf98965f39e6032