SB2026062641 - Use-after-free in Linux kernel netfilter ipvs
Published: June 26, 2026
Description
This security bulletin contains information about 1 vulnerability.
1) Use-after-free (CVE-ID: CVE-2026-53270)
CWE-ID: CWE-416 - Use After Free
CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows a local privileged user to cause a denial of service.
The vulnerability exists due to a use-after-free in the IPVS scheduler handling in ip_vs_edit_service() when editing a service and unbinding the old scheduler. A local privileged user can trigger service reconfiguration while packets are being scheduled to cause a denial of service.
The issue occurs because packets may continue using the old scheduler after its scheduling data has been freed following an RCU grace period.
Remediation
Install the update from the vendor's website.
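To decide which hosts to patch first, it helps to know where IPVS is in use and which virtual services have a scheduler bound. The script below is an added example, not part of the bulletin or of the kernel fix. It reads the standard `/proc/modules` and `/proc/net/ip_vs` files; the function names and sample data are constructed for illustration.

```shell
#!/bin/sh
# Added triage example: report whether IPVS is present on a host and how many
# virtual services (each with a bound scheduler) are configured.
# Paths are arguments so the logic can be exercised offline on sample files.

# ipvs_present MODULES_FILE IPVS_TABLE
# True if ip_vs is a loaded module, or the IPVS table is readable (built-in case).
ipvs_present() {
    grep -q '^ip_vs ' "$1" 2>/dev/null || [ -r "$2" ]
}

# ipvs_services IPVS_TABLE
# Prints "proto address scheduler" per virtual service; "->" lines are real servers.
ipvs_services() {
    awk '$1 ~ /^(TCP|UDP|SCTP|FWM)$/ { print $1, $2, $3 }' "$1" 2>/dev/null
}

# ipvs_triage [MODULES_FILE] [IPVS_TABLE]   (defaults: the live /proc files)
ipvs_triage() {
    mods=${1:-/proc/modules}; table=${2:-/proc/net/ip_vs}
    if ! ipvs_present "$mods" "$table"; then
        echo "not-loaded"; return 0
    fi
    n=$(ipvs_services "$table" | wc -l | tr -d ' ')
    if [ "$n" -eq 0 ]; then echo "loaded-no-services"
    else echo "services-configured:$n"; fi
}

# Constructed sample inputs (not captured from a real host).
make_samples() {
    printf 'ip_vs_rr 16384 1 - Live 0x0\nip_vs 200704 3 ip_vs_rr, Live 0x0\n' > "$1/modules"
    cat > "$1/ip_vs" <<'EOF'
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
  -> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP  C0A80001:0050 rr
  -> C0A80002:0050      Masq    1      0          0
UDP  C0A80001:0035 wlc
EOF
}

# Demo on the constructed samples; call ipvs_triage with no arguments on a real host.
d=$(mktemp -d); make_samples "$d"; ipvs_triage "$d/modules" "$d/ip_vs"; rm -rf "$d"
```

A `not-loaded` or `loaded-no-services` result only lowers patching priority: a privileged user can still load the module and create services, and none of the verdicts says whether the running kernel already contains the fix.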
References
- https://git.kernel.org/stable/c/14e4689c113b4c06af1069364ade24fdd7055f33
- https://git.kernel.org/stable/c/193989cc6d80dd8e0460fb3992e69fa03bf0ff9b
- https://git.kernel.org/stable/c/19a9493faa4bf3c7bd0a386f30b60b1bb4a3da03
- https://git.kernel.org/stable/c/25918720ba97f974a4f8d433b5a0132c5b43f6f3
- https://git.kernel.org/stable/c/7d4f5004511757e3984901ffb412fcf858d80ed5
- https://git.kernel.org/stable/c/c6376b9b1b4d2bad638256b1b3588e073344ae69
- https://git.kernel.org/stable/c/d10730a1f2caf08088e0db1b19b242f3e6fa5f06
- https://git.kernel.org/stable/c/e4feec3174036ba772006be74beee0efa09a9eb8