3 matches found
CVE-2026-22988
A use-after-free vulnerability was found in the Linux kernel's ARP implementation. The arpcreate function initializes a pointer to the ARP header before calling devhardheader, incorrectly assuming that skb-head will not change. A recent kernel change broke this assumption, causing the @arp pointe...
CVE-2026-22988
creationtimestamp| type| source ---|---|--- 2026-01-23 17:05:32+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3md46p4rvzi2n...
CVE-2026-22988
In the Linux kernel, the following vulnerability has been resolved: arp: do not assume devhardheader does not change skb-head arpcreate is the only devhardheader caller making assumption about skb-head being unchanged. A recent commit broke this assumption. Initialize @arp pointer after...