Vulnerability in Linux Kernel Network Device Management
CVE-2026-53353
What is CVE-2026-53353?
The vulnerability in the Linux kernel relates to improper handling of the self node in the HSR (High-availability Seamless Redundancy) protocol. Specifically, the function hsr_addr_is_self() contains a warning statement that assumes the self node is intact during operations. However, this assumption is flawed as the self node can be cleared during specific calls to hsr_del_self_node(). This creates a potential window where users can access the device without the self node, leading to inconsistent network behavior. This vulnerability underscores the importance of robust error handling and assumption verification in network device management.
Affected Version(s)
Linux f266a683a4804dc499efc6c2206ef68efed029d0 < 271355c2ef6171dbc815e7ae653eed63444bbd58
Linux f266a683a4804dc499efc6c2206ef68efed029d0 < 0232b6fcb7615fb7fecfe0727a23065a53e228b8
Linux f266a683a4804dc499efc6c2206ef68efed029d0 < 66a46e22396fd5d09606f37f73643eb20e99aa42