Memory Leak in Linux Kernel Affecting GUE Protocol Handling
CVE-2026-23095

Currently unrated

Key Information:

Vendor

Linux
Status
Linux
Vendor
CVE Published:
4 February 2026

What is CVE-2026-23095?

The Linux kernel has a vulnerability related to memory management in the Generic UDP Encapsulation (GUE) protocol, specifically identified during the handling of GUE packets with an inner IP protocol of 0. This flaw can lead to memory leaks, as improper handling of specific packet types may result in unreferenced memory objects not being released, ultimately affecting system performance and stability. While IPv6 Hop-by-Hop Options are valid use cases, the practical need to encapsulate them in GUE is questionable. This vulnerability must be addressed to ensure the robustness and integrity of networking operations.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Linux 37dd0247797b168ad1cc7f5dbec825a1ee66535b < 886f186328b718400dbf79e1bc8cbcbd710ab766

Linux 37dd0247797b168ad1cc7f5dbec825a1ee66535b < 380a82d36e37db49fd41ecc378c22fd29392e96a

Linux 37dd0247797b168ad1cc7f5dbec825a1ee66535b < 536f5bbc322eb1e175bdd1ced22b236a951c4d8f

References

https://git.kernel.org/stable/c/886f186328b718400dbf79e1b...
https://git.kernel.org/stable/c/380a82d36e37db49fd41ecc37...
https://git.kernel.org/stable/c/536f5bbc322eb1e175bdd1ced...

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.