CVE-2026-43011
Double Free in Linux Kernel X.25 Protocol
Publication date: 2026-05-01
Last updated on: 2026-05-03
Assigner: kernel.org
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| linux | linux_kernel | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-UNKNOWN |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a potential double free issue in the Linux kernel's X.25 networking code. Specifically, when the function alloc_skb fails in x25_queue_rx_frame, it frees a socket buffer (skb) and returns an error. However, this error causes the skb to be freed again later in the call chain by x25_backlog_rcv, resulting in the same skb being freed twice.
Double freeing memory can lead to undefined behavior, including memory corruption or crashes.
How can this vulnerability impact me? :
The double free vulnerability can cause instability in the Linux kernel, potentially leading to system crashes or memory corruption. This can affect the reliability and availability of systems running vulnerable versions of the Linux kernel, especially those using the X.25 networking protocol.