In the Linux kernel, the following vulnerability has been resolved:

net: bcmgenet: fix off-by-one in bcmgenet_put_txcb

The write_ptr points to the next open tx_cb. We want to return the
tx_cb that gets rewinded, so we must rewind the pointer first then
return the tx_cb that it points to. That way the txcb can be correctly
cleaned up.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

No EPSS score available.

Key SSVC decision points have not yet been added.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions
Linux Linux unaffected
Version Status Constraints
876dbadd53a7102e2a84afc84ea2bd3ee6dc5636 affected < 14e9f86564fff7bcf7f45c1b69080e837b31d185
876dbadd53a7102e2a84afc84ea2bd3ee6dc5636 affected < fb9a3c1f547d0ff024dbfe7b6f327626ddf0a3de
876dbadd53a7102e2a84afc84ea2bd3ee6dc5636 affected < 85f34ec320d3881badfd4edc5fee5cd5012bb54d
876dbadd53a7102e2a84afc84ea2bd3ee6dc5636 affected < 2a74590170427a3ca7cc4bb8690cdd559129c29c
876dbadd53a7102e2a84afc84ea2bd3ee6dc5636 affected < 29394f722f620281f2ee9a47f947734e53d72c90
876dbadd53a7102e2a84afc84ea2bd3ee6dc5636 affected < 4cab761fc51c65aef741fcece4a18f3554edbc09
876dbadd53a7102e2a84afc84ea2bd3ee6dc5636 affected < 72df896e31ddd06fcc5a789f025ad7a62a18bc9b
876dbadd53a7102e2a84afc84ea2bd3ee6dc5636 affected < 57f3f53d2c9c5a9e133596e2f7bc1c50688a6d38
3bdf77194ea822390b405639b77659071fd2c2e9 affected
3.16.50 affected < 3.17
Linux Linux affected
Version Status Constraints
4.13 affected
0 unaffected < 4.13
5.10.258 unaffected ≤ 5.10.*
5.15.209 unaffected ≤ 5.15.*
6.1.175 unaffected ≤ 6.1.*
6.6.141 unaffected ≤ 6.6.*
6.12.91 unaffected ≤ 6.12.*
6.18.33 unaffected ≤ 6.18.*
7.0.10 unaffected ≤ 7.0.*
7.1 unaffected ≤ *

No data.

No data.

No data.

Project Subscriptions

Vendors Products
Linux Subscribe
Linux Kernel Subscribe
Advisories

No advisories yet.

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References
Link Providers
https://git.kernel.org/stable/c/14e9f86564fff7bcf7f45c1b69080e837b31d185 cve-icon
https://git.kernel.org/stable/c/29394f722f620281f2ee9a47f947734e53d72c90 cve-icon
https://git.kernel.org/stable/c/2a74590170427a3ca7cc4bb8690cdd559129c29c cve-icon
https://git.kernel.org/stable/c/4cab761fc51c65aef741fcece4a18f3554edbc09 cve-icon
https://git.kernel.org/stable/c/57f3f53d2c9c5a9e133596e2f7bc1c50688a6d38 cve-icon
https://git.kernel.org/stable/c/72df896e31ddd06fcc5a789f025ad7a62a18bc9b cve-icon
https://git.kernel.org/stable/c/85f34ec320d3881badfd4edc5fee5cd5012bb54d cve-icon
https://git.kernel.org/stable/c/fb9a3c1f547d0ff024dbfe7b6f327626ddf0a3de cve-icon
History

Wed, 24 Jun 2026 17:15:00 +0000

Type Values Removed Values Added
Description In the Linux kernel, the following vulnerability has been resolved: net: bcmgenet: fix off-by-one in bcmgenet_put_txcb The write_ptr points to the next open tx_cb. We want to return the tx_cb that gets rewinded, so we must rewind the pointer first then return the tx_cb that it points to. That way the txcb can be correctly cleaned up.
Title net: bcmgenet: fix off-by-one in bcmgenet_put_txcb
First Time appeared Linux
Linux linux Kernel
CPEs cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Vendors & Products Linux
Linux linux Kernel
References

Projects

Sign in to view the affected projects.

cve-icon MITRE

Status: PUBLISHED

Assigner: Linux

Published:

Updated: 2026-06-24T16:30:27.655Z

Reserved: 2026-06-09T07:44:35.384Z

Link: CVE-2026-53088

cve-icon Vulnrichment

No data.

cve-icon NVD

No data.

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.

Weaknesses

No weakness.