Linux kernel
cpe:2.3:a:linux:linux_kernel:*:*:*:*:*:*:*, +4 more
A vulnerability in the Linux kernel's UDP handling has been addressed. The standard UDP receive path does not use skb->destructor, but the skmsg layer does. This discrepancy triggers a warning in skb_attempt_defer_free(). The fix ensures that skb_orphan() is called before skb_attempt_defer_free(), which aligns the UDP receive path with the requirements of the skmsg layer.
The vulnerability could lead to improper handling of socket buffers in the UDP receive path, potentially causing issues in message processing or delivery.
Users can apply the latest patches available in the Linux kernel stable tree to address this vulnerability.
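The ordering described above, as an added user-space example (not kernel code and not the upstream patch). The model_* helpers, run_case() and the 768-byte size are hypothetical stand-ins; only skb->destructor, skb_orphan() and skb_attempt_defer_free() are names taken from the description.

```c
#include <stdio.h>

/* User-space model only: names echo the kernel's, bodies are simplified. */
struct sock { int rmem_alloc; };              /* bytes charged to the socket */
struct sk_buff {
    struct sock *sk;
    void (*destructor)(struct sk_buff *);
    int truesize;
};

/* Destructor: return the skb's charge to its owning socket. */
static void model_rfree(struct sk_buff *skb) { skb->sk->rmem_alloc -= skb->truesize; }

/* What an skmsg-style owner does: charge the socket, install a destructor. */
static void model_set_owner(struct sk_buff *skb, struct sock *sk) {
    skb->sk = sk;
    skb->destructor = model_rfree;
    sk->rmem_alloc += skb->truesize;
}

/* Like skb_orphan(): run the destructor now and detach the skb from the socket. */
static void model_skb_orphan(struct sk_buff *skb) {
    if (!skb->destructor) return;
    skb->destructor(skb);
    skb->destructor = NULL;
    skb->sk = NULL;
}

/* Like the check in skb_attempt_defer_free(): returns 1 if a destructor is still set. */
static int model_defer_free(const struct sk_buff *skb) { return skb->destructor != NULL; }

/* Free one received skb; returns the warning count and reports the socket charge. */
int run_case(int skmsg_owned, int patched, int *rmem_after) {
    struct sock sk = { 0 };
    struct sk_buff skb = { NULL, NULL, 768 }; /* constructed sample size */
    if (skmsg_owned) model_set_owner(&skb, &sk);
    if (patched) model_skb_orphan(&skb);      /* the fix: orphan before deferring */
    int warned = model_defer_free(&skb);
    *rmem_after = sk.rmem_alloc;
    return warned;
}

int main(void) {
    int rmem, w = run_case(1, 0, &rmem);      /* skmsg-owned skb, old ordering */
    printf("unpatched: warned=%d rmem_alloc=%d\n", w, rmem);
    w = run_case(1, 1, &rmem);                /* skmsg-owned skb, orphan first */
    printf("patched:   warned=%d rmem_alloc=%d\n", w, rmem);
    return 0;
}
```

In the model, an skb that never had a destructor set passes the check with or without the orphan call, which matches the description's point that only the skmsg path exposes the problem.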