Improper control of a resource through its lifetime in Linux kernel - CVE-2026-53266
Published: June 26, 2026
Linux kernel
Detailed vulnerability description
The vulnerability allows a local user to cause a denial of service.
The vulnerability exists due to improper memory handling in the ebtables SNAT target ARP sender hardware address rewrite in net/bridge/netfilter/ebt_snat.c when processing ARP packets in bridge netfilter hooks. A local user can trigger ARP sender hardware address rewriting on a crafted nonlinear skb to cause a denial of service.
Exploitation requires the ARP sender hardware address rewrite path to be reached with a nonlinear skb fragment backed by a splice-imported file page.
How to mitigate CVE-2026-53266
Sources
- https://git.kernel.org/stable/c/153ea96c806aea395daba907a4f88480b6ad5093
- https://git.kernel.org/stable/c/67ba971ae02514d85818fe0c32549ab4bfa3bf49
- https://git.kernel.org/stable/c/76280b78cc9f23bdc6438e10ad6dff148ef8375b
- https://git.kernel.org/stable/c/afd64b59c3de9bbbdd3759e834fdc55cda716e0b
- https://git.kernel.org/stable/c/b18675263db1147c8e1cab625400c13a0d87bd2d
- https://git.kernel.org/stable/c/b7e91939ba9be805a62a257fa4e227dffbb88fa0
- https://git.kernel.org/stable/c/bf84ad7c7a9ede46e31afaa41a1ba06a159e8c87
- https://git.kernel.org/stable/c/c9b5ff59feffb92a147a84a5aa28acd2cb8ff4c5