CVE-2026-23048

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The Linux kernel contains an issue where the standard UDP receive path does not utilize skb->destructor, but the skmsg layer does through a call to skb set owner sk safe() from udp read skb(). This triggers a warning in skb attempt defer free() because skb orphan() is not called. The issue is resolved by calling skb orphan().

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.