CVE-2026-46116 | Linux Kernel up to 7.1-rc2 xfrm __xfrm_state_delete use after free

A vulnerability labeled as critical has been found in Linux Kernel up to 6.6.139/6.12.87/6.18.29/7.0.6/7.1-rc2. The affected element is the function __xfrm_state_delete of the component xfrm. Such manipulation leads to use after free.

This vulnerability is traded as CVE-2026-46116. Access to the local network is required for this attack to succeed. There is no exploit available.

The affected component should be upgraded.VulDB Recent EntriesRead More