{"id":81341,"date":"2026-07-01T17:02:29","date_gmt":"2026-07-01T13:32:29","guid":{"rendered":"https:\/\/afaghhosting.net\/blog\/cve-2026-53353-hsr-remove-warn_once-in-hsr_addr_is_self\/"},"modified":"2026-07-01T17:02:29","modified_gmt":"2026-07-01T13:32:29","slug":"cve-2026-53353-hsr-remove-warn_once-in-hsr_addr_is_self","status":"publish","type":"post","link":"https:\/\/afaghhosting.net\/blog\/cve-2026-53353-hsr-remove-warn_once-in-hsr_addr_is_self\/","title":{"rendered":"CVE-2026-53353 &#8211; hsr: Remove WARN_ONCE() in hsr_addr_is_self()."},"content":{"rendered":"<p>CVE ID :CVE-2026-53353<\/p>\n<p>  Published : July 1, 2026, 1:32 p.m. | 14\u00a0minutes ago<\/p>\n<p>  Description :In the Linux kernel, the following vulnerability has been resolved:<\/p>\n<p>hsr: Remove WARN_ONCE() in hsr_addr_is_self().<\/p>\n<p>syzbot reported the warning [0] in hsr_addr_is_self(),<br \/>\nwhose assumption is simply wrong.<\/p>\n<p>hsr-&gt;self_node is cleared in hsr_del_self_node(), which<br \/>\nis called from hsr_dellink().<\/p>\n<p>Since dev-&gt;rtnl_link_ops-&gt;dellink() is called before<br \/>\nunregister_netdevice_many(), there is a window when<br \/>\nuser can find the device but without hsr-&gt;self_node.<\/p>\n<p>Let&#8217;s remove WARN_ONCE() in hsr_addr_is_self().<\/p>\n[0]:<br \/>\nHSR: No self node<br \/>\nWARNING: net\/hsr\/hsr_framereg.c:39 at hsr_addr_is_self+0x211\/0x3f0 net\/hsr\/hsr_framereg.c:39, CPU#0: syz.4.16848\/17220<br \/>\nModules linked in:<br \/>\nCPU: 0 UID: 0 PID: 17220 Comm: syz.4.16848 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)}<br \/>\nTainted: [L]=SOFTLOCKUP<br \/>\nHardware name: Google Google Compute Engine\/Google Compute Engine, BIOS Google 04\/18\/2026<br \/>\nRIP: 0010:hsr_addr_is_self+0x211\/0x3f0 net\/hsr\/hsr_framereg.c:39<br \/>\nCode: 33 2f 41 0f b7 dd 89 ee 09 de 31 ff e8 c8 b4 c6 f6 09 dd 74 54 e8 0f b0 c6 f6 31 ed eb 53 e8 06 b0 c6 f6 48 8d 3d 2f 50 9c 04  48 0f b9 3a 31 ed eb 42 e8 c1 13 1f 00 89 c5 31 ff 89 c6 e8 96<br \/>\nRSP: 0018:ffffc900041c70e0 EFLAGS: 00010283<br \/>\nRAX: ffffffff8afdc6ca RBX: ffffffff8afdc4e6 RCX: 0000000000080000<br \/>\nRDX: ffffc90010493000 RSI: 0000000000000948 RDI: ffffffff8f9a1700<br \/>\nRBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000<br \/>\nR10: ffffc900041c71e8 R11: fffff52000838e3f R12: dffffc0000000000<br \/>\nR13: ffff888041f9e3c0 R14: ffff888086ee3802 R15: 0000000000000000<br \/>\nFS:  00007f6fe985d6c0(0000) GS:ffff888126176000(0000) knlGS:0000000000000000<br \/>\nCS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033<br \/>\nCR2: 00007f80bd437dac CR3: 0000000025096000 CR4: 00000000003526f0<br \/>\nDR0: ffffffffffffffff DR1: 00000000000001f8 DR2: 0000000000000002<br \/>\nDR3: ffffffffefffff15 DR6: 00000000ffff0ff0 DR7: 0000000000000400<br \/>\nCall Trace:<\/p>\n<p> check_local_dest net\/hsr\/hsr_forward.c:592 [inline]\n fill_frame_info net\/hsr\/hsr_forward.c:728 [inline]\n hsr_forward_skb+0xa11\/0x2a80 net\/hsr\/hsr_forward.c:739<br \/>\n hsr_dev_xmit+0x253\/0x370 net\/hsr\/hsr_device.c:236<br \/>\n __netdev_start_xmit include\/linux\/netdevice.h:5368 [inline]\n netdev_start_xmit include\/linux\/netdevice.h:5377 [inline]\n xmit_one net\/core\/dev.c:3888 [inline]\n dev_hard_start_xmit+0x2df\/0x860 net\/core\/dev.c:3904<br \/>\n __dev_queue_xmit+0x1428\/0x3900 net\/core\/dev.c:4870<br \/>\n neigh_output include\/net\/neighbour.h:556 [inline]\n ip_finish_output2+0xcec\/0x10b0 net\/ipv4\/ip_output.c:237<br \/>\n ip_send_skb net\/ipv4\/ip_output.c:1510 [inline]\n ip_push_pending_frames+0x8b\/0x110 net\/ipv4\/ip_output.c:1530<br \/>\n raw_sendmsg+0x1547\/0x1a50 net\/ipv4\/raw.c:659<br \/>\n sock_sendmsg_nosec net\/socket.c:787 [inline]\n __sock_sendmsg net\/socket.c:802 [inline]\n ____sys_sendmsg+0x7da\/0x9c0 net\/socket.c:2698<br \/>\n ___sys_sendmsg+0x2a5\/0x360 net\/socket.c:2752<br \/>\n __sys_sendmsg net\/socket.c:2784 [inline]\n __do_sys_sendmsg net\/socket.c:2789 [inline]\n __se_sys_sendmsg net\/socket.c:2787 [inline]\n __x64_sys_sendmsg+0x1c3\/0x2a0 net\/socket.c:2787<br \/>\n do_syscall_x64 arch\/x86\/entry\/syscall_64.c:63 [inline]\n do_syscall_64+0x15f\/0xf80 arch\/x86\/entry\/syscall_64.c:94<br \/>\n entry_SYSCALL_64_after_hwframe+0x77\/0x7f<br \/>\nRIP: 0033:0x7f6feb62ce59<br \/>\nCode: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05  3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48<br \/>\nRSP: 002b:00007f6fe985d028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e<br \/>\nRAX: ffffffffffffffda RBX: 00007f6feb8a6090 RCX: 00007f6feb62ce59<br \/>\nRDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000004<br \/>\nRBP: 00007f6feb6c2d6f R08: 0000000000000000 R09: 0000000000000000<br \/>\nR10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000<br \/>\nR13: 00007f6feb8a6128 R14: 00007f6feb8a6090 R15: 00007ffcf01cc488<\/p>\n<p>  Severity: 0.0 | NA<\/p>\n<p>  Visit the link for more details, such as CVSS details, affected products, timeline, and more&#8230;\u00a0<\/p>\n","protected":false},"excerpt":{"rendered":"<p>CVE ID :CVE-2026-53353 Published : July 1, 2026, 1:32 p.m. | 14\u00a0minutes ago Description :In the Linux kernel, the following vulnerability has been resolved: hsr: Remove WARN_ONCE() in hsr_addr_is_self(). syzbot reported the warning [0] in hsr_addr_is_self(), whose assumption is simply wrong. hsr-&gt;self_node is cleared in hsr_del_self_node(), which is called from hsr_dellink(). Since dev-&gt;rtnl_link_ops-&gt;dellink() is called &hellip;<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[26],"tags":[],"class_list":["post-81341","post","type-post","status-publish","format-standard","hentry","category-vulnerability"],"_links":{"self":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts\/81341","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/comments?post=81341"}],"version-history":[{"count":0,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts\/81341\/revisions"}],"wp:attachment":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/media?parent=81341"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/categories?post=81341"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/tags?post=81341"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}