CVE-2026-52932

Description

In the Linux kernel, the following vulnerability has been resolved: xfrm: ipcomp: Free destination pages on acomp errors Move the out_free_req label up by a couple of lines so that the allocated dst SG list gets freed on error as well as success.

CVSS breakdown

CVSS 3.1

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

High

Affected products

Linux / Linuxeb2953d26971f3083bbf95de4bc997b5bedf0b6e – dc6dcba80d72a27ab61831ad3d253316e0c9b9d5
Linux / Linuxeb2953d26971f3083bbf95de4bc997b5bedf0b6e – b30aa173c3809f6af4c83a86099be1be19aa48eb
Linux / Linuxeb2953d26971f3083bbf95de4bc997b5bedf0b6e – 7dbac7680eb629b3b4dc7e98c34f943b8814c0c8
Linux / Linux6.15 – 6.15
Linux / Linux0 – 6.15
Linux / Linux6.18.35 – 6.18.*
Linux / Linux7.0.12 – 7.0.*
Linux / Linux7.1 – *

References

MISChttps://git.kernel.org/stable/c/dc6dcba80d72a27ab61831ad3d253316e0c9b9d5
MISChttps://git.kernel.org/stable/c/b30aa173c3809f6af4c83a86099be1be19aa48eb
MISChttps://git.kernel.org/stable/c/7dbac7680eb629b3b4dc7e98c34f943b8814c0c8