CVE-2026-53088
Description
In the Linux kernel, the following vulnerability has been resolved:
net: bcmgenet: fix off-by-one in bcmgenet_put_txcb
The write_ptr points to the next open tx_cb. We want to return the
tx_cb that gets rewinded, so we must rewind the pointer first then
return the tx_cb that it points to. That way the txcb can be correctly
cleaned up.
Metadata
Severity & Metrics
No CVSS data available.
Affected products (2)
| Vendor | Product | Platform | Versions |
|---|---|---|---|
| Linux | Linux | — | 876dbadd53a7102e2a84afc84ea2bd3ee6dc5636 < 14e9f86564fff7bcf7f45c1b69080e837b31d185, 876dbadd53a7102e2a84afc84ea2bd3ee6dc5636 < fb9a3c1f547d0ff024dbfe7b6f327626ddf0a3de, 876dbadd53a7102e2a84afc84ea2bd3ee6dc5636 < 85f34ec320d3881badfd4edc5fee5cd5012bb54d, 876dbadd53a7102e2a84afc84ea2bd3ee6dc5636 < 2a74590170427a3ca7cc4bb8690cdd559129c29c … |
| Linux | Linux | — | 4.13, 0 < 4.13, 5.10.258 ≤ 5.10.*, 5.15.209 ≤ 5.15.* … |
References (8)
- https://git.kernel.org/stable/c/14e9f86564fff7bcf7f45c1b69080e837b31d185
- https://git.kernel.org/stable/c/fb9a3c1f547d0ff024dbfe7b6f327626ddf0a3de
- https://git.kernel.org/stable/c/85f34ec320d3881badfd4edc5fee5cd5012bb54d
- https://git.kernel.org/stable/c/2a74590170427a3ca7cc4bb8690cdd559129c29c
- https://git.kernel.org/stable/c/29394f722f620281f2ee9a47f947734e53d72c90
- https://git.kernel.org/stable/c/4cab761fc51c65aef741fcece4a18f3554edbc09
- https://git.kernel.org/stable/c/72df896e31ddd06fcc5a789f025ad7a62a18bc9b
- https://git.kernel.org/stable/c/57f3f53d2c9c5a9e133596e2f7bc1c50688a6d38