CVE-2026-22979
📋 TL;DR
A memory leak vulnerability in the Linux kernel's network stack occurs when handling GRO (Generic Receive Offload) packets during segmentation. This prevents proper socket cleanup, leading to persistent memory consumption that can cause system instability or denial of service. Systems running affected Linux kernel versions with GRO enabled are vulnerable.
💻 Affected Systems
- Linux kernel
📦 What is this software?
Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →⚠️ Risk & Real-World Impact
Worst Case
Persistent memory exhaustion leading to system instability, denial of service, or kernel panic if memory pressure becomes critical.
Likely Case
Gradual memory consumption over time causing performance degradation and potential service disruption.
If Mitigated
Minimal impact if GRO is disabled or systems are regularly rebooted.
🎯 Exploit Status
Exploitation requires sending network traffic that triggers GRO segmentation, but no public exploit code is known.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Kernel versions with fixes: 0b27828ebd1ed3107d7929c3737adbe862e99e74, 238e03d0466239410b72294b79494e43d4fabe77, 3264881431e308b9c72cb8a0159d57a56d67dd79, 88bea149db2057112af3aaf63534b24fab5858ab, c114a32a2e70b82d447f409f7ffcfa3058f9d5bd
Vendor Advisory: https://git.kernel.org/stable/c/0b27828ebd1ed3107d7929c3737adbe862e99e74
Restart Required: Yes
Instructions:
1. Update Linux kernel to patched version. 2. Check distribution-specific security advisories. 3. Reboot system after kernel update.
🔧 Temporary Workarounds
Disable GRO
linuxDisable Generic Receive Offload to prevent triggering the vulnerable code path
ethtool -K <interface> gro off
🧯 If You Can't Patch
- Disable GRO on critical network interfaces
- Implement regular system reboots to clear accumulated memory
🔍 How to Verify
Check if Vulnerable:
Check kernel version and if GRO is enabled: uname -r && ethtool -k <interface> | grep generic-receive-offloadCheck Version:
uname -rVerify Fix Applied:
Verify kernel version is patched and monitor memory usage during network traffic📡 Detection & Monitoring
Log Indicators:
- Kernel memory allocation errors
- KMEMLEAK reports of unreferenced socket objects
- Increasing memory usage in /proc/meminfo
Network Indicators:
- Unusual network traffic patterns triggering GRO
SIEM Query:
Search for kernel logs containing 'sk_wmem_alloc' or memory allocation failures🔗 References
- https://git.kernel.org/stable/c/0b27828ebd1ed3107d7929c3737adbe862e99e74
- https://git.kernel.org/stable/c/238e03d0466239410b72294b79494e43d4fabe77
- https://git.kernel.org/stable/c/3264881431e308b9c72cb8a0159d57a56d67dd79
- https://git.kernel.org/stable/c/88bea149db2057112af3aaf63534b24fab5858ab
- https://git.kernel.org/stable/c/c114a32a2e70b82d447f409f7ffcfa3058f9d5bd
