Detections
Analytics

CVE-2026-46153

high

Description

In the Linux kernel, the following vulnerability has been resolved: 8021q: delete cleared egress QoS mappings vlan_dev_set_egress_priority() currently keeps cleared egress priority mappings in the hash as tombstones. Repeated set/clear cycles with distinct skb priorities therefore accumulate mapping nodes until device teardown and leak memory. Delete mappings when vlan_prio is cleared instead of keeping tombstones. Now that the egress mapping lists are RCU protected, the node can be unlinked safely and freed after a grace period.

References

https://git.kernel.org/stable/c/a52e122c9e4d56ad9a03b32c915a199276d989c3

https://git.kernel.org/stable/c/7dddc74af369478ba7f9bc136d0fc1dc4570cb66

Details

Source: Mitre, NVD

Published: 2026-05-28

Updated: 2026-05-28

Risk Information

CVSS v2

Base Score: 5.6

Vector: CVSS2#AV:L/AC:L/Au:N/C:N/I:P/A:C

Severity: Medium

CVSS v3

Base Score: 7.1

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H

Severity: High

EPSS

EPSS: 0.00018