CVE-2026-23045Missing Lock Check in Linux

CWE-414Missing Lock Check7 documents6 sources
Severity
3.3LOW
No vector
EPSS
0.0%
top 92.34%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
LinuxLinux KernelDebian Linux
Timeline
PublishedFeb 4

Description

In the Linux kernel, the following vulnerability has been resolved: net/ena: fix missing lock when update devlink params Fix assert lock warning while calling devl_param_driverinit_value_set() in ena. WARNING: net/devlink/core.c:261 at devl_assert_locked+0x62/0x90, CPU#0: kworker/0:0/9 CPU: 0 UID: 0 PID: 9 Comm: kworker/0:0 Not tainted 6.19.0-rc2+ #1 PREEMPT(lazy) Hardware name: Amazon EC2 m8i-flex.4xlarge/, BIOS 1.0 10/16/2017 Workqueue: events work_for_cpu_fn RIP: 0010:devl_assert_locked+0x

Affected Packages4 packages

Linuxlinux/linux_kernel6.17.06.18.6
Debianlinux/linux_kernel< 6.18.8-1
CVEListV5linux/linux816b52624cf6a03ea541956b448025d844a8287df2c4bcfa193eef1b7457a56be9c47a8de015f225+2
debiandebian/linux< linux 6.18.8-1 (forky)

🔴Vulnerability Details

3
OSV
CVE-2026-23045: In the Linux kernel, the following vulnerability has been resolved: net/ena: fix missing lock when update devlink params Fix assert lock warning while2026-02-04
OSV
net/ena: fix missing lock when update devlink params2026-02-04
GHSA
GHSA-c283-mfwm-22x2: In the Linux kernel, the following vulnerability has been resolved: net/ena: fix missing lock when update devlink params Fix assert lock warning whi2026-02-04

📋Vendor Advisories

2
Red Hat
kernel: net/ena: fix missing lock when update devlink params2026-02-04
Debian
CVE-2026-23045: linux - In the Linux kernel, the following vulnerability has been resolved: net/ena: fi...2026

🕵️Threat Intelligence

1
Wiz
CVE-2026-23045 Impact, Exploitability, and Mitigation Steps | Wiz