SB2026062654 - Improper control of a resource through its lifetime in Linux kernel bridge netfilter
Published: June 26, 2026
Description
This security bulletin contains information about 1 vulnerability.
1) Improper control of a resource through its lifetime (CVE-ID: CVE-2026-53266)
CWE-ID: CWE-664 - Improper control of a resource through its lifetime
CVSSv4: CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows a local user to cause a denial of service.
The vulnerability exists due to improper memory handling in the ARP sender hardware address rewrite performed by the ebtables SNAT target (net/bridge/netfilter/ebt_snat.c) when ARP packets are processed in bridge netfilter hooks. A local user can trigger ARP sender hardware address rewriting on a crafted nonlinear skb to cause a denial of service.
Exploitation requires the ARP sender hardware address rewrite path to be reached with a nonlinear skb fragment backed by a splice-imported file page.
Remediation
Install update from vendor's website.
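To prioritise patching, the following added example (not part of the original bulletin or the kernel fix) lists ebtables `snat` rules that enable the ARP sender hardware address rewrite, which the `snat` target performs only for rules carrying its `--snat-arp` option. The function names, the sample listing and the assumed `ebtables -t nat -L` output layout are constructed for illustration.

```shell
#!/bin/sh
# Added example: flag ebtables snat rules with ARP sender hardware address
# rewriting enabled (--snat-arp), i.e. rules that reach the ebt_snat path
# named in this bulletin.
# Usage: ebtables -t nat -L > rules.txt && sh check_snat_arp.sh rules.txt
# (script name is hypothetical). Without a readable file argument, the
# constructed sample below is analysed so the script runs offline.

# Constructed sample of `ebtables -t nat -L` output (not from a real host).
sample_listing() {
cat <<'EOF'
Bridge table: nat

Bridge chain: PREROUTING, entries: 0, policy: ACCEPT

Bridge chain: OUTPUT, entries: 0, policy: ACCEPT

Bridge chain: POSTROUTING, entries: 3, policy: ACCEPT
-o eth1 -j snat --to-src 2:0:0:0:0:1 --snat-target ACCEPT
-p ARP -o eth2 -j snat --to-src 2:0:0:0:0:2 --snat-target ACCEPT --snat-arp
-s 2:0:0:0:0:9 -j dnat --to-dst 2:0:0:0:0:3 --dnat-target ACCEPT
EOF
}

# Read a rule listing on stdin; print every snat rule that carries
# --snat-arp, prefixed with the chain it belongs to.
snat_arp_rules() {
    awk '
        /^Bridge chain:/ { chain = $3; sub(/,$/, "", chain); next }
        /-j snat/ && /--snat-arp/ { print chain ": " $0 }
    '
}

# Number of matching rules in the listing on stdin.
count_snat_arp_rules() { snat_arp_rules | wc -l | tr -d ' '; }

if [ -n "${1:-}" ] && [ -r "$1" ]; then
    hits=$(snat_arp_rules < "$1")
else
    hits=$(sample_listing | snat_arp_rules)
fi

if [ -n "$hits" ]; then
    printf 'snat rules with ARP sender rewrite enabled:\n%s\n' "$hits"
else
    echo 'no snat rule with --snat-arp found'
fi
```

A hit means the rewrite path described above is configured on the host; hosts with such rules are the ones to update first.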
References
- https://git.kernel.org/stable/c/153ea96c806aea395daba907a4f88480b6ad5093
- https://git.kernel.org/stable/c/67ba971ae02514d85818fe0c32549ab4bfa3bf49
- https://git.kernel.org/stable/c/76280b78cc9f23bdc6438e10ad6dff148ef8375b
- https://git.kernel.org/stable/c/afd64b59c3de9bbbdd3759e834fdc55cda716e0b
- https://git.kernel.org/stable/c/b18675263db1147c8e1cab625400c13a0d87bd2d
- https://git.kernel.org/stable/c/b7e91939ba9be805a62a257fa4e227dffbb88fa0
- https://git.kernel.org/stable/c/bf84ad7c7a9ede46e31afaa41a1ba06a159e8c87
- https://git.kernel.org/stable/c/c9b5ff59feffb92a147a84a5aa28acd2cb8ff4c5