🔴 Critical | CVE-2026-52993 — In the Linux kernel, the following vulnerability h...
🔴 Critical security vulnerability: CVE-2026-52993
CVSS score: Critical (9.8) Status: Received Published: 2026-06-24
Original English description
In the Linux kernel, the following vulnerability has been resolved:

tipc: fix double-free in tipc_buf_append()

tipc_msg_validate() can potentially reallocate the skb it is validating,
freeing the old one. In tipc_buf_append(), it was being called with a
pointer to a local variable which was a copy of the caller's skb
pointer.

If the skb was reallocated and validation subsequently failed, the error
handling path would free the original skb pointer, which had already
been freed, leading to double-free.

Fix this by checking if head now points to a newly allocated reassembled
skb. If it does, reassign *headbuf for later freeing operations.
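
The pointer aliasing described above, as an added userspace model in C (an illustration written for this page, not the kernel's code and not the patch itself). `struct buf`, `validate`, `append_buggy` and `append_fixed` are hypothetical stand-ins for the skb, tipc_msg_validate() and tipc_buf_append(), and the validator here is assumed to reallocate on every call.

```c
#include <stdbool.h>
#include <stddef.h>

/* Userspace model, not kernel code; all names are hypothetical. A tracking
 * pool replaces malloc so a double free is counted instead of undefined. */
struct buf { int frees; bool valid; };
static struct buf pool[8];
static int used;
static struct buf *buf_alloc(bool valid) {
    pool[used] = (struct buf){ 0, valid };
    return &pool[used++];
}
static void buf_free(struct buf *b) { if (b) b->frees++; }
/* Validator that reallocates: frees *pb and stores the new buffer in *pb. */
static bool validate(struct buf **pb) {
    struct buf *n = buf_alloc((*pb)->valid);
    buf_free(*pb);
    *pb = n;
    return n->valid;
}
/* Before: only the local copy is updated; the error path frees the stale pointer. */
static int append_buggy(struct buf **headbuf) {
    struct buf *head = *headbuf;
    if (validate(&head)) { *headbuf = head; return 0; }
    buf_free(*headbuf);     /* already freed inside validate() */
    *headbuf = NULL;
    return -1;
}
/* After: if head was replaced, reassign *headbuf before any freeing. */
static int append_fixed(struct buf **headbuf) {
    struct buf *head = *headbuf;
    bool ok = validate(&head);
    if (head != *headbuf) *headbuf = head;
    if (ok) return 0;
    buf_free(*headbuf);
    *headbuf = NULL;
    return -1;
}
/* Feed one constructed invalid message; return the highest per-buffer free count. */
static int worst_free_count(int (*append)(struct buf **)) {
    used = 0;
    struct buf *head = buf_alloc(false);
    append(&head);
    int worst = 0;
    for (int i = 0; i < used; i++)
        if (pool[i].frees > worst) worst = pool[i].frees;
    return worst;
}
int main(void) { return worst_free_count(append_buggy) == 2 ? 0 : 1; }
```

In the buggy variant the original buffer is released twice and the reallocated one is never released; in the fixed variant each buffer is released exactly once.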
🔍 Technical details
| Field | Value |
|---|---|
| CVE ID | CVE-2026-52993 |
| CVSS score | 9.8 🔴 |
| Severity | Critical |
| CVSS vector | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
| Published | 2026-06-24 |
| Last updated | 2026-06-28 |
| Status | Received |
| Data source | 416baaa9-dc9f-4396-8d5f-8c081fb06d67 |
🔗 Reference links
https://git.kernel.org/stable/c/0274f24485fc38032d4093e463dc3ff5c7a667c9
https://git.kernel.org/stable/c/1d5e589055880fae229e229e1929e087dbe08cf3
https://git.kernel.org/stable/c/29940fff14110ca48c5ccc168d121665b51bb778
https://git.kernel.org/stable/c/4d104882bc815d4ec666ace9155f5f52715879a6
https://git.kernel.org/stable/c/4ee4deadaae7cb2e3d53af0fc889cf92a73413c0
https://git.kernel.org/stable/c/a438975a6dcdbd70865978c021650d1485586f0b
https://git.kernel.org/stable/c/d293ca716e7d5dffdaecaf6b9b2f857a33dc3d3a
https://git.kernel.org/stable/c/d3556656c6daebf8def751c7e71d11dd0a180d24
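🤖 This article was generated automatically by the CVE security bulletin bot
The English description was automatically translated into Chinese by AI and is for reference only; the original text is authoritative
Data source: NVD (National Vulnerability Database) | Retrieved: 2026-06-28 18:14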