CVE-2026-46153

Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
28/05/2026
Last modified:
09/06/2026

Description

In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> 8021q: delete cleared egress QoS mappings<br /> <br /> vlan_dev_set_egress_priority() currently keeps cleared egress<br /> priority mappings in the hash as tombstones. Repeated set/clear cycles<br /> with distinct skb priorities therefore accumulate mapping nodes until<br /> device teardown and leak memory.<br /> <br /> Delete mappings when vlan_prio is cleared instead of keeping tombstones.<br /> Now that the egress mapping lists are RCU protected, the node can be<br /> unlinked safely and freed after a grace period.

Vulnerable products and versions

CPE From Up to
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* 2.6.12.1 (including) 7.0.7 (excluding)
cpe:2.3:o:linux:linux_kernel:2.6.12:-:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.12:rc2:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.12:rc3:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.12:rc4:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.12:rc5:*:*:*:*:*:*