CVE-2026-23444

ADVISORY - nist

Summary

In the Linux kernel, the following vulnerability has been resolved:

wifi: mac80211: always free skb on ieee80211_tx_prepare_skb() failure

ieee80211_tx_prepare_skb() has three error paths, but only two of them free the skb. The first error path (ieee80211_tx_prepare() returning TX_DROP) does not free it, while invoke_tx_handlers() failure and the fragmentation check both do.

Add kfree_skb() to the first error path so all three are consistent, and remove the now-redundant frees in callers (ath9k, mt76, mac80211_hwsim) to avoid double-free.

Document the skb ownership guarantee in the function's kdoc.

EPSS Score: 0.00129 (0.029)

Common Weakness Enumeration (CWE)

ADVISORY - nist

Missing Release of Memory after Effective Lifetime

ADVISORY - redhat

Multiple Releases of Same Resource or Handle


Sign in to Docker Scout

See which of your images are affected by this CVE and how to fix them by signing into Docker Scout.

Sign in