
CVE-2026-22994

In the Linux kernel, the following vulnerability has been resolved:

bpf: Fix reference count leak in bpf_prog_test_run_xdp()

syzbot is reporting

  unregister_netdevice: waiting for sit0 to become free. Usage count = 2

problem. A debug printk() patch found that a refcount is obtained at
xdp_convert_md_to_buff() from bpf_prog_test_run_xdp().

According to commit ec94670fcb3b ("bpf: Support specifying ingress via
xdp_md context in BPF_PROG_TEST_RUN"), the refcount obtained by
xdp_convert_md_to_buff() will be released by xdp_convert_buff_to_md().

Therefore, we can consider that the error handling path introduced by
commit 1c1949982524 ("bpf: introduce frags support to
bpf_prog_test_run_xdp()") forgot to call xdp_convert_buff_to_md().
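
The error-path pattern the commit message describes, as an added userspace model that is not kernel code and not part of the original record. md_to_buff(), buff_to_md(), the test_run_* functions and the frag_setup_fails flag are hypothetical stand-ins; the only assumption about the failure point is that it lies after the reference is taken.

```c
/* Userspace model of the leak; constructed for illustration, not kernel code.
 * md_to_buff()/buff_to_md() are hypothetical stand-ins for the xdp_convert_*() pair. */
#include <errno.h>
#include <stdio.h>

struct netdev { const char *name; int refcnt; };

static void md_to_buff(struct netdev *dev) { dev->refcnt++; } /* takes a ref */
static void buff_to_md(struct netdev *dev) { dev->refcnt--; } /* drops it */

/* Buggy shape: a failure after the ref is taken jumps past the release. */
static int test_run_buggy(struct netdev *dev, int frag_setup_fails)
{
    int ret = 0;
    md_to_buff(dev);
    if (frag_setup_fails) {
        ret = -ENOMEM;
        goto out;               /* skips buff_to_md(): reference leaked */
    }
    buff_to_md(dev);            /* only the success path releases */
out:
    return ret;
}

/* Fixed shape: every exit after md_to_buff() passes through the release. */
static int test_run_fixed(struct netdev *dev, int frag_setup_fails)
{
    int ret = 0;
    md_to_buff(dev);
    if (frag_setup_fails)
        ret = -ENOMEM;          /* fall through to the shared release */
    buff_to_md(dev);
    return ret;
}

/* Refcount left on a device (initial count 1, constructed) after one run. */
int refcnt_after_run(int use_fixed, int frag_setup_fails)
{
    struct netdev dev = { "sit0", 1 };
    (void)(use_fixed ? test_run_fixed(&dev, frag_setup_fails)
                     : test_run_buggy(&dev, frag_setup_fails));
    return dev.refcnt;
}

int main(void)
{
    printf("buggy, failing run: refcnt=%d\n", refcnt_after_run(0, 1));
    printf("fixed, failing run: refcnt=%d\n", refcnt_after_run(1, 1));
    return 0;
}
```

A device whose count never returns to its baseline cannot finish unregistering, which is the condition the syzbot message reports.
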
Data provided by the CVE Program from a CVE Numbering Authority (CNA) (unstructured).

Vendor: Linux
Product: Linux
Default status: unaffected
Version 1c194998252469cad00a08bd9ef0b99fd255c260, < 368569bc546d3368ee9980ba79fc42fdff9a3365: affected
Version 1c194998252469cad00a08bd9ef0b99fd255c260, < 98676ee71fd4eafeb8be63c7f3f1905d40e03101: affected
Version 1c194998252469cad00a08bd9ef0b99fd255c260, < fb9ef40cccdbacce36029b305d0ef1e12e4fea38: affected
Version 1c194998252469cad00a08bd9ef0b99fd255c260, < 737be05a765761d7d7c9f7fe92274bd8e6f6951e: affected
Version 1c194998252469cad00a08bd9ef0b99fd255c260, < ec69daabe45256f98ac86c651b8ad1b2574489a7: affected

Vendor: Linux
Product: Linux
Default status: affected
Version 5.18: affected
Version 0, < 5.18: unaffected
Version 6.1.161, <= 6.1.*: unaffected
Version 6.6.121, <= 6.6.*: unaffected
Version 6.12.66, <= 6.12.*: unaffected
Version 6.18.6, <= 6.18.*: unaffected
Version 6.19-rc6, <= *: unaffected

No CISA KEV entry or CERT.AT warning was found for this CVE.

EPSS Metrics
Type: EPSS, Source: FIRST.org, Score: 0.02%, Percentile: 0.056

CVSS Metrics
Source Base Score Exploit Score Impact Score Vector String

No CWE information has been published yet.