CVE-2026-53087
Received Received - Intake
BCMGenet Network Driver Memory Leak Fix

Publication date: 2026-06-24

Last updated on: 2026-06-24

Assigner: kernel.org

Description
In the Linux kernel, the following vulnerability has been resolved: net: bcmgenet: fix leaking free_bds While reclaiming the tx queue we fast forward the write pointer to drop any data in flight. These dropped frames are not added back to the pool of free bds. We also need to tell the netdev that we are dropping said data.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-06-24
Last Modified
2026-06-24
Generated
2026-06-25
AI Q&A
2026-06-24
EPSS Evaluated
N/A
NVD
CVE-2026-53087
EUVD
EUVD-2026-38955
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
linux linux_kernel *
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-UNKNOWN
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability exists in the Linux kernel's bcmgenet network driver. When reclaiming the transmit (tx) queue, the driver fast forwards the write pointer to drop any data that is currently in flight. However, the dropped frames are not returned to the pool of free buffer descriptors (bds), which leads to a resource leak. Additionally, the network device is not properly informed about the dropped data.

Impact Analysis

The impact of this vulnerability is that the network driver leaks buffer descriptors when dropping data frames. Over time, this can lead to resource exhaustion in the network stack, potentially causing degraded network performance or failure to transmit data properly.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-53087. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart