CVE-2026-52993

UNKNOWN 0.0

tipc: fix double-free in tipc_buf_append()

CVSS Score

0.0

EPSS Score

0.0%

EPSS Percentile

0th

In the Linux kernel, the following vulnerability has been resolved: tipc: fix double-free in tipc_buf_append() tipc_msg_validate() can potentially reallocate the skb it is validating, freeing the old one. In tipc_buf_append(), it was being called with a pointer to a local variable which was a copy of the caller's skb pointer. If the skb was reallocated and validation subsequently failed, the error handling path would free the original skb pointer, which had already been freed, leading to double-free. Fix this by checking if head now points to a newly allocated reassembled skb. If it does, reassign *headbuf for later freeing operations.

Vendor	linux
Product	linux
Ecosystems	Linux Kernel
Industries	Technology
Published	Jun 24, 2026

Stay Ahead of the Next One

Get instant alerts for linux linux

Be the first to know when new unknown vulnerabilities affecting linux linux are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

Linux / Linux

d618d09a68e4eed7a435beb2e355250f6f40664a < a438975a6dcdbd70865978c021650d1485586f0b d618d09a68e4eed7a435beb2e355250f6f40664a < 4ee4deadaae7cb2e3d53af0fc889cf92a73413c0 d618d09a68e4eed7a435beb2e355250f6f40664a < d3556656c6daebf8def751c7e71d11dd0a180d24 d618d09a68e4eed7a435beb2e355250f6f40664a < 0274f24485fc38032d4093e463dc3ff5c7a667c9 d618d09a68e4eed7a435beb2e355250f6f40664a < 4d104882bc815d4ec666ace9155f5f52715879a6 d618d09a68e4eed7a435beb2e355250f6f40664a < 1d5e589055880fae229e229e1929e087dbe08cf3 d618d09a68e4eed7a435beb2e355250f6f40664a < 29940fff14110ca48c5ccc168d121665b51bb778 d618d09a68e4eed7a435beb2e355250f6f40664a < d293ca716e7d5dffdaecaf6b9b2f857a33dc3d3a

Linux / Linux

4.15

References

NVD ↗ CVE.org ↗ EPSS Data ↗