CVE-2026-53233
Status: Received - Intake
Double-Free Vulnerability in Linux Kernel Networking

Publication date: 2026-06-25

Last updated on: 2026-06-25

Assigner: kernel.org

Description
In the Linux kernel, the following vulnerability has been resolved:

netdev: fix double-free in netdev_nl_bind_rx_doit()

Sashiko flags that genlmsg_reply() always consumes the skb. The error path calls nlmsg_free(rsp), so we can't jump directly to it. Let's not unbind, just propagate the error to the user. This is the typical way of handling genlmsg_reply() failures. They shouldn't happen unless the user does something silly like calling the kernel with an already-full rcvbuf.
Meta Information
Generated: 2026-06-25
EPSS Evaluated: N/A
References: NVD, EUVD
Affected Vendors & Products
One associated CPE:

Vendor   Product        Version / Range
linux    linux_kernel   *
Exploitability
CWE ID: CWE-UNKNOWN (no CWE is assigned on this page; the bug class described, a second free of an already-released skb, is a double free, CWE-415)
Executive Summary

This vulnerability is a double-free issue in the Linux kernel's netdev component, specifically in the function netdev_nl_bind_rx_doit().

The problem arises because the function genlmsg_reply() always consumes the skb (socket buffer), but the error handling path also calls nlmsg_free(rsp), leading to a double-free scenario.

The fix involves not unbinding and instead propagating the error to the user, which is the typical way to handle genlmsg_reply() failures.

Such failures normally occur only when the user does something unusual, such as calling the kernel with an already-full receive buffer. Note that "unusual" does not mean "hard to arrange": the receive buffer in question is the calling process's own netlink socket, so a local caller can deliberately shrink it (SO_RCVBUF) or simply stop draining it before issuing the request, which makes the failing reply path reachable on demand.
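The ownership rule behind the fix, as an added example that is not part of this advisory or of the kernel source: a function that consumes its buffer on every return path must not be followed by a shared error label that frees the same buffer. The program below models genlmsg_reply() and nlmsg_free() with a tracked buffer that records a repeat release instead of corrupting the heap, then runs the pre-fix and post-fix shapes of the handler side by side. Every name here (skb_model, the *_model functions, struct outcome, bind_rx_buggy, bind_rx_fixed) is a hypothetical stand-in; only the control-flow shape is taken from the commit message.

```c
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>

/* Hypothetical stand-in for a struct sk_buff. A release only sets flags,
 * so a second release is recorded instead of corrupting the heap. */
struct skb_model {
    int released;       /* set once the buffer has been handed back */
    int double_free;    /* set if it is handed back a second time */
};

static struct skb_model *skb_model_alloc(void)
{
    struct skb_model *skb = calloc(1, sizeof(*skb));

    if (!skb)
        abort();
    return skb;
}

/* Stand-in for nlmsg_free(): records a repeat release rather than doing it. */
static void nlmsg_free_model(struct skb_model *skb)
{
    if (skb->released)
        skb->double_free = 1;
    skb->released = 1;
}

/* Stand-in for genlmsg_reply(): the callee owns skb on every return path.
 * A full receiver rcvbuf is the failure the commit message describes; the
 * real function has already freed the skb when it returns the error. */
static int genlmsg_reply_model(struct skb_model *skb, int rcvbuf_full)
{
    nlmsg_free_model(skb);
    return rcvbuf_full ? -EAGAIN : 0;
}

/* What one simulated request did, so the two shapes can be compared. */
struct outcome {
    int err;            /* value returned to user space */
    int double_free;    /* 1 if rsp was released twice */
    int queue_bound;    /* 1 if the binding survived the call */
};

/* Pre-fix shape: a reply failure jumps to the error label shared with
 * earlier failures, which unbinds and frees rsp although genlmsg_reply()
 * already consumed it. */
static struct outcome bind_rx_buggy(int rcvbuf_full)
{
    struct outcome out = { 0, 0, 0 };
    struct skb_model *rsp = skb_model_alloc();

    out.queue_bound = 1;                 /* queue bound, rsp filled in */
    out.err = genlmsg_reply_model(rsp, rcvbuf_full);
    if (out.err)
        goto err_unbind;
    goto done;

err_unbind:
    out.queue_bound = 0;                 /* undo the binding */
    nlmsg_free_model(rsp);               /* second release of rsp: the bug */
done:
    out.double_free = rsp->double_free;
    free(rsp);
    return out;
}

/* Post-fix shape: the binding stays and the error is returned as-is. rsp is
 * not touched after genlmsg_reply() because it no longer belongs here. */
static struct outcome bind_rx_fixed(int rcvbuf_full)
{
    struct outcome out = { 0, 0, 0 };
    struct skb_model *rsp = skb_model_alloc();

    out.queue_bound = 1;
    out.err = genlmsg_reply_model(rsp, rcvbuf_full);
    out.double_free = rsp->double_free;
    free(rsp);
    return out;
}

int main(void)
{
    struct outcome b = bind_rx_buggy(1);
    struct outcome f = bind_rx_fixed(1);

    printf("buggy, rcvbuf full: err=%d double_free=%d bound=%d\n",
           b.err, b.double_free, b.queue_bound);
    printf("fixed, rcvbuf full: err=%d double_free=%d bound=%d\n",
           f.err, f.double_free, f.queue_bound);
    return 0;
}
```

With the receive buffer full, the buggy shape reports the error and a second release of rsp, while the fixed shape reports the same error, no second release, and an intact binding, which is exactly the behaviour change the commit message asks for. When the reply succeeds, both shapes agree, which is why the bug only surfaces on the failure path.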

Impact Analysis

A double-free vulnerability in the kernel can potentially lead to system instability, crashes, or security issues such as memory corruption.

However, this specific vulnerability is reached only on the failure path of genlmsg_reply(), that is, when the reply cannot be queued because the caller's own netlink receive buffer is already full. That condition is under the control of the local process issuing the request, so it should not be treated as unlikely by itself.

The triggering path is a local netlink request to the netdev family, not a packet arriving from the network. If exploited, a kernel double free can cause a denial of service and, as a class, is a known primitive for heap corruption that may lead to code execution with kernel privileges; no exploit for this specific issue is described on this page.
