目標達成 すべての支援者に感謝 — 100%達成しました!

目標: 1000 CNY · 調達済み: 1336 CNY

100%
コーヒーを一杯おごる

CVE-2026-53013— macvlan 修复未预留 IFLA_MACVLAN_BC_CUTOFF 空间漏洞

EPSS 0.17% · P6
新しい脆弱性情報の通知を購読するログインして購読

I. CVE-2026-53013の基本情報

脆弱性情報
脆弱性についてご質問がありますか?Shenlongの分析が参考になるかご確認ください!
Shenlongの10の質問を表示 ↗

高度な大規模言語モデル技術を使用していますが、出力には不正確または古い情報が含まれる可能性があります。Shenlongはデータの正確性を確保するよう努めていますが、実際の状況に基づいて検証・判断してください。

脆弱性タイトル
macvlan: fix macvlan_get_size() not reserving space for IFLA_MACVLAN_BC_CUTOFF
ソース: NVD (National Vulnerability Database)
脆弱性説明
In the Linux kernel, the following vulnerability has been resolved: macvlan: fix macvlan_get_size() not reserving space for IFLA_MACVLAN_BC_CUTOFF macvlan_get_size() does not account for IFLA_MACVLAN_BC_CUTOFF, but macvlan_fill_info() conditionally includes it when port->bc_cutoff != 1. This causes nla_put_s32() to fail with -EMSGSIZE when the netlink skb runs out of space, triggering a WARN_ON in rtnetlink and preventing the interface from being dumped. The bug can be reproduced with: ip link add macvlan0 link eth0 type macvlan mode bridge ip link set macvlan0 type macvlan bc_cutoff 0 ip -d link show macvlan0 # fails with -EMSGSIZE The bc_cutoff feature was added in commit 954d1fa1ac93 ("macvlan: Add netlink attribute for broadcast cutoff"), which added the nla_put_s32() call in macvlan_fill_info() but missed adding the corresponding nla_total_size(4) in macvlan_get_size(). A follow-up commit 55cef78c244d ("macvlan: add forgotten nla_policy for IFLA_MACVLAN_BC_CUTOFF") fixed the missing nla_policy entry but still did not fix the size calculation.
ソース: NVD (National Vulnerability Database)
CVSS情報
N/A
ソース: NVD (National Vulnerability Database)
脆弱性タイプ
N/A
ソース: NVD (National Vulnerability Database)

影響を受ける製品

ベンダープロダクト影響を受けるバージョンCPE購読
LinuxLinux 954d1fa1ac93aa8a66f7d9a9ba545cf7f020d348 ~ 4979252758387b338ca968ba7e0515b0ae2257e3 -
LinuxLinux 6.4 -

II. CVE-2026-53013の公開POC

#POC説明ソースリンクShenlongリンク
AI生成POCプレミアム

公開POCは見つかりませんでした。

ログインしてAI POCを生成

III. CVE-2026-53013のインテリジェンス情報

登录查看更多情报信息。

CVE-2026-53013 补丁与修复 (3)

CVE-2026-53013 其他参考 (2)

Same Patch Batch · Linux · 2026-06-24 · 219 CVEs total

CVE-2026-52980sched/fair: Clear rel_deadline when initializing forked entities
CVE-2026-52993tipc: fix double-free in tipc_buf_append()
CVE-2026-52991sched/psi: fix race between file release and pressure write
CVE-2026-52990fsnotify: fix inode reference leak in fsnotify_recalc_mask()
CVE-2026-52988netfilter: nf_tables: join hook list via splice_list_rcu() in commit phase
CVE-2026-52989nvmet-tcp: propagate nvmet_tcp_build_pdu_iovec() errors to its callers
CVE-2026-52987drm/amdgpu: avoid double drm_exec_fini() in userq validate
CVE-2026-52986netfilter: nf_conntrack_sip: don't use simple_strtoul
CVE-2026-52985netdevsim: zero initialize struct iphdr in dummy sk_buff
CVE-2026-52984net/sched: netem: fix queue limit check to include reordered packets
CVE-2026-52982net: usb: rtl8150: fix use-after-free in rtl8150_start_xmit()
CVE-2026-52983net: airoha: fix BQL imbalance in TX path
CVE-2026-52981neigh: let neigh_xmit take skb ownership
CVE-2026-52979net: psp: check for device unregister when creating assoc
CVE-2026-52968KVM: s390: pci: fix GAIT table indexing due to double-scaling pointer arithmetic
CVE-2026-52972crypto: af_alg - Cap AEAD AD length to 0x80000000
CVE-2026-52970netfilter: nft_ct: fix missing expect put in obj eval
CVE-2026-52969KVM: Reject wrapped offset in kvm_reset_dirty_gfn()
CVE-2026-52971net: ena: PHC: Fix potential use-after-free in get_timestamp
CVE-2026-52967smb/client: fix possible infinite loop and oob read in symlink_data()

Showing 20 of 219 CVEs. View all on vendor page →

IV. 関連脆弱性

同じ製品: Linux
同じベンダー: Linux

V. CVE-2026-53013へのコメント

まだコメントはありません

コメントを残す