-
CVE-2026-53014
- EPSS 0.17%
- Veröffentlicht 24.06.2026 16:29:24
- Zuletzt bearbeitet 10.07.2026 19:24:19
- Quelle 416baaa9-dc9f-4396-8d5f-8c081f
- CVE-Watchlists
- Unerledigt
net/sched: act_mirred: fix wrong device for mac_header_xmit check in tcf_blockcast_redir
In the Linux kernel, the following vulnerability has been resolved: net/sched: act_mirred: fix wrong device for mac_header_xmit check in tcf_blockcast_redir In tcf_blockcast_redir(), when iterating block ports to redirect packets to multiple devices, the mac_header_xmit flag is queried from the wrong device. The loop sends to dev_prev but queries dev_is_mac_header_xmit(dev) — which is the NEXT device in the iteration, not the one being sent to. This causes tcf_mirred_to_dev() to make incorrect decisions about whether to push or pull the MAC header. When the block contains mixed device types (e.g., an ethernet veth and a tunnel device), intermediate devices get the wrong mac_header_xmit flag, leading to skb header corruption. In the worst case, skb_push_rcsum with an incorrect mac_len can exhaust headroom and panic. The last device in the loop is handled correctly (line 365-366 uses dev_is_mac_header_xmit(dev_prev)), confirming this is a copy-paste oversight for the intermediate devices. Fix by using dev_prev instead of dev for the mac_header_xmit query, consistent with the device actually being sent to.
Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).
HerstellerLinux
≫
Produkt
Linux
Default Statusunaffected
Version
42f39036cda808d3de243192a2cf5125f12f3047
Version <
8fda5174286119addd28473fb2ec5bdf521c05a8
Status
affected
Version
42f39036cda808d3de243192a2cf5125f12f3047
Version <
7db3e4e03032261b1b519341123fc30d995478ca
Status
affected
Version
42f39036cda808d3de243192a2cf5125f12f3047
Version <
4764953c4b47585eb72797b216b63a831dc0c7e6
Status
affected
Version
42f39036cda808d3de243192a2cf5125f12f3047
Version <
4510d140524ca7d6e772db962e013f26f09a63b1
Status
affected
HerstellerLinux
≫
Produkt
Linux
Default Statusaffected
Version
6.8
Status
affected
Version
0
Version <
6.8
Status
unaffected
Version <=
6.12.*
Version
6.12.91
Status
unaffected
Version <=
6.18.*
Version
6.18.33
Status
unaffected
Version <=
7.0.*
Version
7.0.10
Status
unaffected
Version <=
*
Version
7.1
Status
unaffected
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.17% | 0.063 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|
https://git.kernel.org/stable/c/8fda5174286119addd28473fb2ec5bdf521c05a8
https://git.kernel.org/stable/c/7db3e4e03032261b1b519341123fc30d995478ca
https://git.kernel.org/stable/c/4764953c4b47585eb72797b216b63a831dc0c7e6
https://git.kernel.org/stable/c/4510d140524ca7d6e772db962e013f26f09a63b1