SB2026050260 - Double free in Linux kernel x25
Published: May 2, 2026
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 vulnerability.
1) Double free (CVE-ID: CVE-2026-43011)
CWE-ID: CWE-415 - Double Free
CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows a local attacker to cause a denial of service.
The vulnerability exists due to double free in x25_queue_rx_frame and x25_backlog_rcv when processing received x25 frames after alloc_skb failure. A local attacker can trigger the error path to cause a denial of service.
Remediation
Install update from vendor's website.
References
- https://git.kernel.org/stable/c/143d4fa68ae9efb83b0c55b12cc7f0d03732a2b1
- https://git.kernel.org/stable/c/3f5e3005984645bf5bd129c6b13149879580b1fb
- https://git.kernel.org/stable/c/524371398d8463ea7e101fce2cbf3915645d1730
- https://git.kernel.org/stable/c/5d0aa038a90b30c9bedde0c41c1fdcd98ecb16e9
- https://git.kernel.org/stable/c/c87dd137c0dad07cc55f98181ff380b0c23d2878
- https://git.kernel.org/stable/c/d10a26aa4d072320530e6968ef945c8c575edf61
- https://git.kernel.org/stable/c/f782dd382203b2a8c4552a628431b7de65a19a7b
- https://git.kernel.org/stable/c/fa1dbc93530b34fab0da9862426fe9c918c74dc0