CVE-2026-45929

medium Red Hat
EPSS Score
0.0%
Exploitation probability in 30 days
Top 96% most likely to be exploited
Published: May 27, 2026 (44 days ago)
Last Modified: May 27, 2026
Vendor: Red Hat
Source: REDHAT

Description

A flaw was found in the Linux kernel's `ovpn` module. A use-after-free vulnerability exists in the `ovpn_net_xmit` function where a freed `skb` (socket buffer) pointer can be used for subsequent operations. This can occur when `skb_share_check` frees the original `skb` if it is shared, leading to a stale pointer being used. This flaw could potentially lead to system instability, denial of service, or other unspecified impacts.

CWE

CWE-825

Affected Products

Red Hat Enterprise Linux 10Red Hat Enterprise Linux 6Red Hat Enterprise Linux 7Red Hat Enterprise Linux 8Red Hat Enterprise Linux 9

References