CVE-2026-23154

In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> net: fix segmentation of forwarding fraglist GRO<br /> <br /> This patch enhances GSO segment handling by properly checking<br /> the SKB_GSO_DODGY flag for frag_list GSO packets, addressing<br /> low throughput issues observed when a station accesses IPv4<br /> servers via hotspots with an IPv6-only upstream interface.<br /> <br /> Specifically, it fixes a bug in GSO segmentation when forwarding<br /> GRO packets containing a frag_list. The function skb_segment_list<br /> cannot correctly process GRO skbs that have been converted by XLAT,<br /> since XLAT only translates the header of the head skb. Consequently,<br /> skbs in the frag_list may remain untranslated, resulting in protocol<br /> inconsistencies and reduced throughput.<br /> <br /> To address this, the patch explicitly sets the SKB_GSO_DODGY flag<br /> for GSO packets in XLAT&amp;#39;s IPv4/IPv6 protocol translation helpers<br /> (bpf_skb_proto_4_to_6 and bpf_skb_proto_6_to_4). This marks GSO<br /> packets as potentially modified after protocol translation. As a<br /> result, GSO segmentation will avoid using skb_segment_list and<br /> instead falls back to skb_segment for packets with the SKB_GSO_DODGY<br /> flag. This ensures that only safe and fully translated frag_list<br /> packets are processed by skb_segment_list, resolving protocol<br /> inconsistencies and improving throughput when forwarding GRO packets<br /> converted by XLAT.