🔴 严重 | CVE-2026-53216 — In the Linux kernel, the following vulnerability has be
🔴 《严重安全漏洞:CVE-2026-53216》
CVSS 评分: 严重(9.8) CVE ID: CVE-2026-53216
漏洞描述
In the Linux kernel, the following vulnerability has been resolved:
net: mvpp2: limit XDP frame size to the RX buffer
mvpp2 has short and long BM pools, and short pool buffers can be smaller
than PAGE_SIZE. The XDP path nevertheless initializes every xdp_buff with
PAGE_SIZE as frame size.
XDP helpers use frame_sz to validate tail growth and to derive the hard
end of the data area. Advertising PAGE_SIZE for short buffers can let
bpf_xdp_adjust_tail() grow a packet past the real allocation, corrupting
memory or later tripping skb tailroom checks.
Initialize the XDP buffer with bm_pool->frag_size so XDP tailroom matches
the actual buffer backing the packet.
| 字段 | 值 |
|---|---|
| CVE ID | CVE-2026-53216 |
| CVSS 评分 | 9.8 |
| 严重程度 | 严重 |
| 发布时间 | 2026-06-25 |
| 状态 | Received |
数据来源: NVD | 获取时间: 2026-06-28 18:14
💬 评论