CVE-2026-53088
Published: June 26, 2026Last modified: June 26, 2026
Description
In the Linux kernel, the following vulnerability has been resolved: net: bcmgenet: fix off-by-one in bcmgenet_put_txcb The write_ptr points to the next open tx_cb. We want to return the tx_cb that gets rewinded, so we must rewind the pointer first then return the tx_cb that it points to. That way the txcb can be correctly cleaned up.
Status
| Product | Release | Package | Status |
|---|---|---|---|
| Alpaquita Linux | 23 LTS | linux-lts | Fixed (6.1.175-r0) |
| 25 LTS | linux-lts | Fixed (6.12.92-r0) | |
| Stream | linux-lts | Fixed (6.18.35-r1) |
References
- https://git.kernel.org/stable/c/14e9f86564fff7bcf7f45c1b69080e837b31d185
- https://git.kernel.org/stable/c/29394f722f620281f2ee9a47f947734e53d72c90
- https://git.kernel.org/stable/c/2a74590170427a3ca7cc4bb8690cdd559129c29c
- https://git.kernel.org/stable/c/4cab761fc51c65aef741fcece4a18f3554edbc09
- https://git.kernel.org/stable/c/57f3f53d2c9c5a9e133596e2f7bc1c50688a6d38
- https://git.kernel.org/stable/c/72df896e31ddd06fcc5a789f025ad7a62a18bc9b
- https://git.kernel.org/stable/c/85f34ec320d3881badfd4edc5fee5cd5012bb54d
- https://git.kernel.org/stable/c/fb9a3c1f547d0ff024dbfe7b6f327626ddf0a3de