Wind River Support Network

HomeDefectsLIN1024-15195
Acknowledged

LIN1024-15195 : Security Advisory - linux - CVE-2026-23098

Created: Feb 4, 2026    Updated: Feb 10, 2026
Found In Version: 10.24.33.2
Severity: Standard
Applicable for: Wind River Linux LTS 24
Component/s: Kernel

Description

In the Linux kernel, the following vulnerability has been resolved:

netrom: fix double-free in nr_route_frame()

In nr_route_frame(), old_skb is immediately freed without checking if
nr_neigh->ax25 pointer is NULL. Therefore, if nr_neigh->ax25 is NULL,
the caller function will free old_skb again, causing a double-free bug.

Therefore, to prevent this, we need to modify it to check whether
nr_neigh->ax25 is NULL before freeing old_skb.
  • Linkedin
  • Facebook
  • Twitter
  • Youtube