Use-After-Free Vulnerability in Linux Kernel Affects Networking Components
CVE-2026-52912

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 24 June 2026

What is CVE-2026-52912?

A use-after-free vulnerability exists in the Linux kernel's netfilter component. When packets are queued in a bridge environment, the device referenced in the skb (socket buffer) structure can point to a freed bridge master due to improper management of skb->dev references. This occurs when bridge packets are re-injected into the network stack, potentially allowing an attacker to manipulate the packet processing path. The vulnerability has been addressed by ensuring that the reference to skb->dev is retained through the lifecycle of the queue, thus preventing access to freed memory during packet dropping and reinjection processes.

Affected Version(s)

Linux ac28634456867b23b95faccba7997a62ec430603 < 950d809f154dca04e5fbe5d3c8b9c5e44769cd57

Linux ac28634456867b23b95faccba7997a62ec430603

Linux ac28634456867b23b95faccba7997a62ec430603 < 19924bdd8a45ebc72a7b84c57fd63057d1dc75ac

References

https://git.kernel.org/stable/c/950d809f154dca04e5fbe5d3c...

https://git.kernel.org/stable/c/a698ac8ab2561cf575d2d9f34...

https://git.kernel.org/stable/c/19924bdd8a45ebc72a7b84c57...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 24, 2026
Vulnerability Reserved
Jun 9, 2026

CVE-2026-52912 Data

JSON