Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

Linux Distros Unpatched Vulnerability : CVE-2026-53009

🗓️ 25 Jun 2026 00:00:00Reported by TenableType 
nessus
 nessus🔗 www.tenable.com👁 2 Views

Linux host vulnerable to CVE-2026-53009 in ice driver; fixes double-free of tx_buf skb on errors.

Related
Refs
Code
ReporterTitlePublishedViews
Family
ATTACKERKB		CVE-2026-53009
24 Jun 202616:29
attackerkb
CVE		CVE-2026-53009
24 Jun 202616:29
cve
Cvelist		CVE-2026-53009 ice: fix double-free of tx_buf skb
24 Jun 202616:29
cvelist
Debian CVE		CVE-2026-53009
24 Jun 202616:29
debiancve
EUVD		EUVD-2026-38877
24 Jun 202618:32
euvd
NVD		CVE-2026-53009
24 Jun 202617:17
nvd
OSV		DEBIAN-CVE-2026-53009
24 Jun 202620:48
osv
OSV		UBUNTU-CVE-2026-53009
25 Jun 202600:00
osv
Positive Technologies		PT-2026-51903
24 Jun 202600:00
ptsecurity
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##

include('compat.inc');

if (description)
{
  script_id(322691);
  script_version("1.1");
  script_set_attribute(attribute:"plugin_modification_date", value:"2026/06/25");

  script_cve_id("CVE-2026-53009");

  script_name(english:"Linux Distros Unpatched Vulnerability : CVE-2026-53009");

  script_set_attribute(attribute:"synopsis", value:
"The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be
patched.");
  script_set_attribute(attribute:"description", value:
"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied
patch available.

  - ice: fix double-free of tx_buf skb If ice_tso() or ice_tx_csum() fail, the error path in
    ice_xmit_frame_ring() frees the skb, but the 'first' tx_buf still points to it and is marked as valid
    (ICE_TX_BUF_SKB). 'next_to_use' remains unchanged, so the potential problem will likely fix itself when
    the next packet is transmitted and the tx_buf gets overwritten. But if there is no next packet and the
    interface is brought down instead, ice_clean_tx_ring() -> ice_unmap_and_free_tx_buf() will find the tx_buf
    and free the skb for the second time. The fix is to reset the tx_buf type to ICE_TX_BUF_EMPTY in the error
    path, so that ice_unmap_and_free_tx_buf(). Move the initialization of 'first' up, to ensure it's already
    valid in case we hit the linearization error path. The bug was spotted by AI while I had it looking for
    something else. It also proposed an initial version of the patch. I reproduced the bug and tested the fix
    by adding code to inject failures, on a build with KASAN. I looked for similar bugs in related Intel
    drivers and did not find any. (CVE-2026-53009)

Note that Nessus relies on the presence of the package as reported by the vendor.");
  script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2026-53009");
  script_set_attribute(attribute:"solution", value:
"There is no known solution at this time.");
  script_set_attribute(attribute:"agent", value:"unix");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:U/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:U/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2026-53009");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");
  script_set_attribute(attribute:"vendor_unpatched", value:"true");

  script_set_attribute(attribute:"vuln_publication_date", value:"2026/06/24");
  script_set_attribute(attribute:"plugin_publication_date", value:"2026/06/25");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:11.0");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:12.0");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:13.0");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:linux");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Misc.");

  script_copyright(english:"This script is Copyright (C) 2026 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info2.nasl", "set_linux_os_id.nasl");
  script_require_keys("Host/cpu", "Host/local_checks_enabled", "global_settings/vendor_unpatched", "Host/OS/identifier");
  script_require_ports("Host/OS/Debian Linux-11", "Host/OS/Debian Linux-12", "Host/OS/Debian Linux-13");

  exit(0);
}

if (!get_kb_item("global_settings/vendor_unpatched")) exit(0, "Unpatched Vulnerabilities Detection not active.");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (empty_or_null(get_one_kb_item("Host/Debian/dpkg-l"))) audit(AUDIT_PACKAGE_LIST_MISSING);

include('linux_unpatched.inc');

var distro_constraints_array = {
  "Debian Linux-12": {
    "package_manager": "dpkg-l",
    "constraints": [
      {
        "release": "12",
        "pkgs": [
          {"reference": "btrfs-modules-6.1.0-47-alpha-generic-di"},
          {"reference": "cdrom-core-modules-6.1.0-47-alpha-generic-di"},
          {"reference": "ext4-modules-6.1.0-47-alpha-generic-di"},
          {"reference": "fat-modules-6.1.0-47-alpha-generic-di"},
          {"reference": "isofs-modules-6.1.0-47-alpha-generic-di"},
          {"reference": "jfs-modules-6.1.0-47-alpha-generic-di"},
          {"reference": "kernel-image-6.1.0-47-alpha-generic-di"},
          {"reference": "linux-doc"},
          {"reference": "linux-doc-6.1"},
          {"reference": "linux-headers-6.1.0"},
          {"reference": "linux-source"},
          {"reference": "linux-source-6.1"},
          {"reference": "linux-support-6.1.0"},
          {"reference": "loop-modules-6.1.0-47-alpha-generic-di"},
          {"reference": "nic-modules-6.1.0-47-alpha-generic-di"},
          {"reference": "nic-shared-modules-6.1.0-47-alpha-generic-di"},
          {"reference": "nic-wireless-modules-6.1.0-47-alpha-generic-di"},
          {"reference": "pata-modules-6.1.0-47-alpha-generic-di"},
          {"reference": "ppp-modules-6.1.0-47-alpha-generic-di"},
          {"reference": "scsi-core-modules-6.1.0-47-alpha-generic-di"},
          {"reference": "scsi-modules-6.1.0-47-alpha-generic-di"},
          {"reference": "scsi-nic-modules-6.1.0-47-alpha-generic-di"},
          {"reference": "serial-modules-6.1.0-47-alpha-generic-di"},
          {"reference": "usb-serial-modules-6.1.0-47-alpha-generic-di"},
          {"reference": "xfs-modules-6.1.0-47-alpha-generic-di"}
        ]
      }
    ]
  },
  "Debian Linux-11": {
    "package_manager": "dpkg-l",
    "constraints": [
      {
        "release": "11",
        "pkgs": [
          {"reference": "bpftool"},
          {"reference": "btrfs-modules-5.10.0-32-alpha-generic-di"},
          {"reference": "cdrom-core-modules-5.10.0-32-alpha-generic-di"},
          {"reference": "hyperv-daemons"},
          {"reference": "kernel-image-5.10.0-32-alpha-generic-di"},
          {"reference": "libcpupower-dev"},
          {"reference": "libcpupower1"},
          {"reference": "linux-bootwrapper-5.10.0"},
          {"reference": "linux-config-5.10"},
          {"reference": "linux-cpupower"},
          {"reference": "linux-doc"},
          {"reference": "linux-doc-5.10"},
          {"reference": "linux-headers-5.10.0"},
          {"reference": "linux-kbuild-5.10"},
          {"reference": "linux-libc-dev"},
          {"reference": "linux-perf"},
          {"reference": "linux-perf-5.10"},
          {"reference": "linux-source"},
          {"reference": "linux-source-5.10"},
          {"reference": "linux-support-5.10.0"},
          {"reference": "loop-modules-5.10.0-32-alpha-generic-di"},
          {"reference": "nic-modules-5.10.0-32-alpha-generic-di"},
          {"reference": "nic-shared-modules-5.10.0-32-alpha-generic-di"},
          {"reference": "nic-wireless-modules-5.10.0-32-alpha-generic-di"},
          {"reference": "pata-modules-5.10.0-32-alpha-generic-di"},
          {"reference": "ppp-modules-5.10.0-32-alpha-generic-di"},
          {"reference": "scsi-core-modules-5.10.0-32-alpha-generic-di"},
          {"reference": "scsi-modules-5.10.0-32-alpha-generic-di"},
          {"reference": "scsi-nic-modules-5.10.0-32-alpha-generic-di"},
          {"reference": "serial-modules-5.10.0-32-alpha-generic-di"},
          {"reference": "usb-serial-modules-5.10.0-32-alpha-generic-di"},
          {"reference": "usbip"}
        ]
      }
    ]
  },
  "Debian Linux-13": {
    "package_manager": "dpkg-l",
    "constraints": [
      {
        "release": "13",
        "pkgs": [
          {"reference": "bpftool"},
          {"reference": "hyperv-daemons"},
          {"reference": "intel-sdsi"},
          {"reference": "libcpupower-dev"},
          {"reference": "libcpupower1"},
          {"reference": "linux-bpf-dev"},
          {"reference": "linux-config-6.12"},
          {"reference": "linux-cpupower"},
          {"reference": "linux-doc"},
          {"reference": "linux-doc-6.12"},
          {"reference": "linux-headers-4kc-malta"},
          {"reference": "linux-headers-5kc-malta"},
          {"reference": "linux-headers-6.12.86+deb13-4kc-malta"},
          {"reference": "linux-headers-6.12.86+deb13-5kc-malta"},
          {"reference": "linux-headers-6.12.86+deb13-alpha-generic"},
          {"reference": "linux-headers-6.12.86+deb13-alpha-smp"},
          {"reference": "linux-headers-6.12.86+deb13-amd64"},
          {"reference": "linux-headers-6.12.86+deb13-arm64"},
          {"reference": "linux-headers-6.12.86+deb13-arm64-16k"},
          {"reference": "linux-headers-6.12.86+deb13-armmp"},
          {"reference": "linux-headers-6.12.86+deb13-armmp-lpae"},
          {"reference": "linux-headers-6.12.86+deb13-cloud-amd64"},
          {"reference": "linux-headers-6.12.86+deb13-cloud-arm64"},
          {"reference": "linux-headers-6.12.86+deb13-common"},
          {"reference": "linux-headers-6.12.86+deb13-common-rt"},
          {"reference": "linux-headers-6.12.86+deb13-loong64"},
          {"reference": "linux-headers-6.12.86+deb13-loongson-3"},
          {"reference": "linux-headers-6.12.86+deb13-m68k"},
          {"reference": "linux-headers-6.12.86+deb13-mips32r2eb"},
          {"reference": "linux-headers-6.12.86+deb13-mips32r2el"},
          {"reference": "linux-headers-6.12.86+deb13-mips64r2eb"},
          {"reference": "linux-headers-6.12.86+deb13-mips64r2el"}
        ]
      }
    ]
  }
};

var distro_constraints_values = linux_unpatched::get_distro_constraints(distro_constraints_arr:distro_constraints_array);
if (empty_or_null(distro_constraints_values)) audit(AUDIT_HOST_NOT, 'affected');
var report = linux_unpatched::check_unpatched_constraints(distro_constraints_values:distro_constraints_values);

if (!empty_or_null(report))
{
  security_report_v4(
      port       : 0,
      severity   : SECURITY_WARNING,
      extra      : report
  );
  exit(0);
}
else
{
  audit(AUDIT_HOST_NOT, 'affected');
}

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
25 Jun 2026 00:00Current
6Medium risk
Vulners AI Score6
linuxice driverdouble freetx buffervulnerability 2026 53009
2