CVE-2026-23048

NONE EPSS 4.1%
Published Feb 4, 20264mo ago · Modified Jun 17, 20261w ago
Find Similar
Published Feb 4, 2026 4mo ago
Last Modified Jun 17, 2026 1w ago

Description

In the Linux kernel, the following vulnerability has been resolved: udp: call skb_orphan() before skb_attempt_defer_free() Standard UDP receive path does not use skb->destructor. But skmsg layer does use it, since it calls skb_set_owner_sk_safe() from udp_read_skb(). This then triggers this warning in skb_attempt_defer_free(): DEBUG_NET_WARN_ON_ONCE(skb->destructor); We must call skb_orphan() to fix this issue.

Threat Intelligence

EPSS Exploit Probability
4.1% percentile
Exploit & Patch Status
No Known Exploit
No Patch Available

References 2

  • git.kernel.org https://git.kernel.org/stable/c/0c63d5683eae6a7b4d81382bcbecb2a19feff90d
  • git.kernel.org https://git.kernel.org/stable/c/e5c8eda39a9fc1547d1398d707aa06c1d080abdd

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.