CVE-2026-23048
udp: call skb_orphan() before skb_attempt_defer_free()
In the Linux kernel, the following vulnerability has been resolved:
udp: call skb_orphan() before skb_attempt_defer_free()
Standard UDP receive path does not use skb->destructor.
But skmsg layer does use it, since it calls skb_set_owner_sk_safe()
from udp_read_skb().
This then triggers this warning in skb_attempt_defer_free():
DEBUG_NET_WARN_ON_ONCE(skb->destructor);
We must call skb_orphan() to fix this issue.
Productos afectados
Linux · Linux¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →