xfrm: iptfs: preserve shared-frag marker in iptfs_consume_frags()
Summary
| CVE | CVE-2026-53363 |
|---|---|
| State | PUBLISHED |
| Assigner | Linux |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2026-07-10 12:17:22 UTC |
| Updated | 2026-07-10 12:17:22 UTC |
| Description | In the Linux kernel, the following vulnerability has been resolved: xfrm: iptfs: preserve shared-frag marker in iptfs_consume_frags() iptfs_consume_frags() transfers paged fragments from one socket buffer to another but fails to propagate the SKBFL_SHARED_FRAG flag. This is the same class of bug that was fixed in skb_try_coalesce() for CVE-2026-46300: when fragments backed by read-only page-cache pages are merged, the marker indicating their shared nature must be preserved so that ESP can decide correctly whether in-place encryption is safe. Apply the same two-line fix used in skb_try_coalesce() to iptfs_consume_frags(). |
Risk And Classification
EPSS: 0.001110000 probability, percentile 0.015590000 (date 2026-07-11)
Vendor Declared Affected Products
| Source | Vendor | Product | Version | Platforms |
|---|---|---|---|---|
| CNA | Linux | Linux | affected b96ba312e21c9b7ac1526829b9640ddc06695c0b dd66f7f6e360ee82cd905517726f8e9091265de5 git | Not specified |
| CNA | Linux | Linux | affected b96ba312e21c9b7ac1526829b9640ddc06695c0b c885d111ed9f5a0a1f3cc4e87a50db6518abaa6c git | Not specified |
| CNA | Linux | Linux | affected b96ba312e21c9b7ac1526829b9640ddc06695c0b e9096a5a170e7ecd6467bc2e08668ec39897cda7 git | Not specified |
| CNA | Linux | Linux | affected 6.14 | Not specified |
| CNA | Linux | Linux | unaffected 6.14 semver | Not specified |
| CNA | Linux | Linux | unaffected 6.18.36 6.18.* semver | Not specified |
| CNA | Linux | Linux | unaffected 7.0.13 7.0.* semver | Not specified |
| CNA | Linux | Linux | unaffected 7.1 * original_commit_for_fix | Not specified |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| git.kernel.org/stable/c/c885d111ed9f5a0a1f3cc4e87a50db6518abaa6c | 416baaa9-dc9f-4396-8d5f-8c081fb06d67 | git.kernel.org | |
| git.kernel.org/stable/c/e9096a5a170e7ecd6467bc2e08668ec39897cda7 | 416baaa9-dc9f-4396-8d5f-8c081fb06d67 | git.kernel.org | |
| git.kernel.org/stable/c/dd66f7f6e360ee82cd905517726f8e9091265de5 | 416baaa9-dc9f-4396-8d5f-8c081fb06d67 | git.kernel.org | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.