Linux Kernel Vulnerability in iptfs - Affects Shared Fragment Processing
CVE-2026-53363
Currently unrated
What is CVE-2026-53363?
A vulnerability within the Linux kernel's iptfs module affects the handling of shared-frag markers during the transfer of paged socket buffer fragments. Specifically, the function iptfs_consume_frags() neglects to propagate the SKBFL_SHARED_FRAG flag, which is essential for ensuring that in-place encryption decisions made by ESP remain secure. This issue mirrors a previously resolved bug addressed in skb_try_coalesce(). The fix for iptfs_consume_frags() is based on a similar corrective action taken for skb_try_coalesce().
Affected Version(s)
Linux b96ba312e21c9b7ac1526829b9640ddc06695c0b
Linux b96ba312e21c9b7ac1526829b9640ddc06695c0b
Linux b96ba312e21c9b7ac1526829b9640ddc06695c0b