7.5

CVE-2026-52981

neigh: let neigh_xmit take skb ownership

In the Linux kernel, the following vulnerability has been resolved:

neigh: let neigh_xmit take skb ownership

neigh_xmit always releases the skb, except when no neighbour table is
found. But even the first added user of neigh_xmit (mpls) relied on
neigh_xmit to release the skb (or queue it for tx).

sashiko reported:
 If neigh_xmit() is called with an uninitialized neighbor table (for
 example, NEIGH_ND_TABLE when IPv6 is disabled), it returns -EAFNOSUPPORT
 and bypasses its internal out_kfree_skb error path.  Because the return
 value of neigh_xmit() is ignored here, does this leak the SKB?

Assume full ownership and remove the last code path that doesn't
xmit or free skb.
Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).
HerstellerLinux
Produkt Linux
Default Statusunaffected
Version 4fd3d7d9e868ffbdb0e7a67c5c8e9dfdcd846a62
Version < 8a89054a1ec0767aec25ed2bbac933da6ba3cf5a
Status affected
Version 4fd3d7d9e868ffbdb0e7a67c5c8e9dfdcd846a62
Version < 9247d59ca15bf60a57dca08103f055d8a4340877
Status affected
Version 4fd3d7d9e868ffbdb0e7a67c5c8e9dfdcd846a62
Version < 0084712e0bee204b284510cdb63182fd5a30c2b7
Status affected
Version 4fd3d7d9e868ffbdb0e7a67c5c8e9dfdcd846a62
Version < 63063ba60d2dc334e34f1e3f9271d7f3f6f30307
Status affected
Version 4fd3d7d9e868ffbdb0e7a67c5c8e9dfdcd846a62
Version < 445e45a2c3a078316a62d2d331a570cf34ef5079
Status affected
Version 4fd3d7d9e868ffbdb0e7a67c5c8e9dfdcd846a62
Version < 4438113be604ee67a7bf4f81da6e1cca41332ce4
Status affected
HerstellerLinux
Produkt Linux
Default Statusaffected
Version 4.1
Status affected
Version 0
Version < 4.1
Status unaffected
Version <= 6.1.*
Version 6.1.175
Status unaffected
Version <= 6.6.*
Version 6.6.141
Status unaffected
Version <= 6.12.*
Version 6.12.91
Status unaffected
Version <= 6.18.*
Version 6.18.33
Status unaffected
Version <= 7.0.*
Version 7.0.10
Status unaffected
Version <= *
Version 7.1
Status unaffected
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.54% 0.413
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
416baaa9-dc9f-4396-8d5f-8c081fb06d67 7.5 3.9 3.6
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Es wurden noch keine Informationen zu CWE veröffentlicht.
https://git.kernel.org/stable/c/8a89054a1ec0767aec25ed2bbac933da6ba3cf5a
https://git.kernel.org/stable/c/9247d59ca15bf60a57dca08103f055d8a4340877
https://git.kernel.org/stable/c/0084712e0bee204b284510cdb63182fd5a30c2b7
https://git.kernel.org/stable/c/63063ba60d2dc334e34f1e3f9271d7f3f6f30307
https://git.kernel.org/stable/c/445e45a2c3a078316a62d2d331a570cf34ef5079
https://git.kernel.org/stable/c/4438113be604ee67a7bf4f81da6e1cca41332ce4