Race condition in Linux kernel - CVE-2026-52945
Published: June 25, 2026
Linux kernel
Detailed vulnerability description
The vulnerability allows a remote attacker to cause a denial of service.
The vulnerability exists due to improper state management in the WireGuard receive queue and NAPI handling logic when processing encrypted network packets under heavy networking load. A remote attacker can send network traffic that triggers a stalled decryption state for a WireGuard peer to cause a denial of service.
Only the decryption side for an affected WireGuard peer is impacted, and once triggered the condition does not recover automatically.