Improper resource shutdown or release in Linux kernel - CVE-2026-53229
Published: June 26, 2026
Linux kernel
Detailed vulnerability description
The vulnerability allows a local user to cause a denial of service.
The vulnerability exists due to improper resource shutdown or release in mlx5e_xmit_xdp_buff() in the mlx5 XDP transmit path when handling XDP_TX transmission failures in the XSK branch. A local user can trigger an XDP_TX transmit failure to cause a denial of service.
The issue occurs when sq->xmit_xdp_frame() returns false, such as when the XDPSQ is full, leaving DMA mappings and xdp_frame objects unreleased.