CVE-2026-53079
UnknownSummary
A vulnerability has been identified in the Linux kernel related to a memory leak in the network stack during the removal of packets from the deferred list. The issue occurs when the root qdisc does not implement the TCQ_F_DEQUEUE_DROPS flag, leading to packets being stranded in the local to_free list.
Risk Assessment
Organizations may experience memory leaks, which can lead to reduced system performance and potential availability issues with network services.
Recommendation
It is recommended to update the Linux kernel to the latest version to mitigate this vulnerability and prevent memory leaks.
Original NVD description (English source)
In the Linux kernel, the following vulnerability has been resolved: net_sched: fix skb memory leak in deferred qdisc drops When the network stack cleans up the deferred list via qdisc_run_end(), it operates on the root qdisc. If the root qdisc do not implement the TCQ_F_DEQUEUE_DROPS flag the packets queue to free are never freed and gets stranded on the child's local to_free list. Fix this by making qdisc_dequeue_drop() aware of the root qdisc. It fetches the root qdisc and check for the TCQ_F_DEQUEUE_DROPS flag. If the flag is present, the packet is appended directly to the root's to_free list. Otherwise, drop it directly as it was done before the optimization was implemented.

