2 matches found
CVE-2026-46116
In the Linux kernel, the following vulnerability has been resolved: xfrm: defensively unhash xfrmstate lists in xfrmstatedelete KASAN reproduces a slab-use-after-free in xfrmstatedelete's hlistdelrcu calls under syzkaller load on linux-6.12.y stable reproduced on 6.12.47, also reachable via the...
CVE-2026-46116
CVE-2026-46116 affects the Linux kernel xfrm subsystem (xfrm_state). The root cause is a local-use-after-free in __xfrm_state_delete due to unsafe deletions from byseq/byspi hash chains. The patch changes deletions to hlist_del_init_rcu and uses hlist_unhashed() checks, preventing writes after LI...