Security Advisory

CVE-2026-31518

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-04-22 13:54:34
Last updated 2026-05-11 22:10:20
Assigner Linux
State PUBLISHED

Description

In the Linux kernel, the following vulnerability has been resolved: esp: fix skb leak with espintcp and async crypto When the TX queue for espintcp is full, esp_output_tail_tcp will return an error and not free the skb, because with synchronous crypto, the common xfrm output code will drop the packet for us. With async crypto (esp_output_done), we need to drop the skb when esp_output_tail_tcp returns an error.