CVE-2026-46153
VLAN Egress Priority Mapping Memory Leak in Linux Kernel
Publication date: 2026-05-28
Last updated on: 2026-05-28
Assigner: kernel.org
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| linux | linux_kernel | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-UNKNOWN |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability exists in the Linux kernel's 8021q module, specifically in the function vlan_dev_set_egress_priority(). The function currently retains cleared egress priority mappings as tombstones in a hash table. When there are repeated set and clear operations with different skb priorities, these mapping nodes accumulate over time until the device is torn down, causing a memory leak.
The fix involves deleting the mappings when the vlan_prio is cleared instead of keeping tombstones. Since the egress mapping lists are now protected by RCU (Read-Copy-Update), the nodes can be safely unlinked and freed after a grace period, preventing the memory leak.
How can this vulnerability impact me? :
This vulnerability can lead to a memory leak in the Linux kernel when the affected function repeatedly sets and clears egress priority mappings. Over time, this memory leak can consume system resources, potentially degrading system performance or causing instability until the device is torn down.