{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-53087", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2026-06-09T07:44:35.384Z", "datePublished": "2026-06-24T16:30:26.881Z", "dateUpdated": "2026-06-28T06:39:09.752Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2026-06-28T06:39:09.752Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: bcmgenet: fix leaking free_bds\n\nWhile reclaiming the tx queue we fast forward the write pointer to\ndrop any data in flight. These dropped frames are not added back\nto the pool of free bds. We also need to tell the netdev that we\nare dropping said data."}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "baseScore": 7.5, "baseSeverity": "HIGH"}}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/net/ethernet/broadcom/genet/bcmgenet.c"], "versions": [{"version": "6a84791b63044cdee3ab55eb350e6352b751f584", "lessThan": "150d06aae1839a6564ab200ef0e7291c3528bbb0", "status": "affected", "versionType": "git"}, {"version": "991cd78f95f2a1d6097669afaff66aeeba35f5fd", "lessThan": "52b9f80993698138b90e5ca3a72550a2501f2a96", "status": "affected", "versionType": "git"}, {"version": "3877efc13053408f4cf2e821006d6ddd1929200f", "lessThan": "3c3abbcfa05bad17965498ff7cc94c2418fa94b3", "status": "affected", "versionType": "git"}, {"version": "f1bacae8b655163dcbc3c54b9e714ef1a8986d7b", "lessThan": "25ff3a3e47ea635ec08dc93e84dd2bfe15abfebb", "status": "affected", "versionType": "git"}, {"version": "f1bacae8b655163dcbc3c54b9e714ef1a8986d7b", "lessThan": "ac4a29c331ecb5b10240c44247a8e010c95bc15b", "status": "affected", "versionType": "git"}, {"version": "f1bacae8b655163dcbc3c54b9e714ef1a8986d7b", "lessThan": "3f3168300efb839028328d720ab3962f91d6a0d0", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/net/ethernet/broadcom/genet/bcmgenet.c"], "versions": [{"version": "6.15", "status": "affected"}, {"version": "0", "lessThan": "6.15", "status": "unaffected", "versionType": "semver"}, {"version": "6.18.33", "lessThanOrEqual": "6.18.*", "status": "unaffected", "versionType": "semver"}, {"version": "7.0.10", "lessThanOrEqual": "7.0.*", "status": "unaffected", "versionType": "semver"}, {"version": "7.1", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.15", "versionEndExcluding": "6.18.33"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.15", "versionEndExcluding": "7.0.10"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.15", "versionEndExcluding": "7.1"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/150d06aae1839a6564ab200ef0e7291c3528bbb0"}, {"url": "https://git.kernel.org/stable/c/52b9f80993698138b90e5ca3a72550a2501f2a96"}, {"url": "https://git.kernel.org/stable/c/3c3abbcfa05bad17965498ff7cc94c2418fa94b3"}, {"url": "https://git.kernel.org/stable/c/25ff3a3e47ea635ec08dc93e84dd2bfe15abfebb"}, {"url": "https://git.kernel.org/stable/c/ac4a29c331ecb5b10240c44247a8e010c95bc15b"}, {"url": "https://git.kernel.org/stable/c/3f3168300efb839028328d720ab3962f91d6a0d0"}], "title": "net: bcmgenet: fix leaking free_bds", "x_generator": {"engine": "bippy-1.2.0"}}}}

{}

{}

{"bugzilla": {"description": "kernel: net: bcmgenet: fix leaking free_bds", "id": "2492349", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2492349"}, "csaw": false, "cwe": "CWE-772", "details": ["A flaw was found in the Linux kernel's bcmgenet network driver. When the transmit (tx) queue is reclaimed, the driver incorrectly drops data frames without returning them to the pool of free buffer descriptors (bds). This oversight results in a resource leak, which can lead to resource exhaustion and potentially cause a denial of service (DoS) for network functionality."], "name": "CVE-2026-53087", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2026-06-24T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2026-53087\nhttps://nvd.nist.gov/vuln/detail/CVE-2026-53087\nhttps://lore.kernel.org/linux-cve-announce/2026062408-CVE-2026-53087-ce72@gregkh/T"]}