PT-2026-35138 · Linux · Linux
Published
2026-04-25
·
Updated
2026-04-25
·
CVE-2026-31678
None
No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.
In the Linux kernel, the following vulnerability has been resolved:
openvswitch: defer tunnel netdev put to RCU release
ovs netdev tunnel destroy() may run after NETDEV UNREGISTER already
detached the device. Dropping the netdev reference in destroy can race
with concurrent readers that still observe vport->dev.
Do not release vport->dev in ovs netdev tunnel destroy(). Instead, let
vport netdev free() drop the reference from the RCU callback, matching
the non-tunnel destroy path and avoiding additional synchronization
under RTNL.
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Linux