In the Linux kernel, the following vulnerability has been resolved: ipv6: sr: fix missing skbuff release in seg6inputcore The seg6input() function is responsible for adding the SRH into a packet, delegating the operation to the seg6inputcore(). This function uses the skbcowhead() to ensure that there is sufficient headroom in the skbuff for accommodating the link-layer header. In the event that the skbcowheader() function fails, the seg6inputcore() catches the error but it does not release the skbuff, which will result in a memory leak. This issue was introduced in commit af3b5158b89d ("ipv6: sr: fix BUG due to headroom too small after SRH push") and persists even after commit 7a3f5b0de364 ("netfilter: add netfilter hooks to SRv6 data plane"), where the entire seg6input() code was refactored to deal with netfilter hooks. The proposed patch addresses the identified memory leak by requiring the seg6inputcore() function to release the skbuff in the event that skbcowhead() fails.