CVE-2026-23098

CWE-4158 documents8 sources
Severity
7.8HIGH
EPSS
0.0%
top 94.46%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Linux LinuxLinux Linux Kernel
Timeline
PublishedFeb 4
Latest updateApr 9

Description

In the Linux kernel, the following vulnerability has been resolved: netrom: fix double-free in nr_route_frame() In nr_route_frame(), old_skb is immediately freed without checking if nr_neigh->ax25 pointer is NULL. Therefore, if nr_neigh->ax25 is NULL, the caller function will free old_skb again, causing a double-free bug. Therefore, to prevent this, we need to modify it to check whether nr_neigh->ax25 is NULL before freeing old_skb.

CVSS vector

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9

Affected Packages4 packages

NVDlinux/linux_kernel2.6.12.15.10.249+7
CVEListV5linux/linux1da177e4c3f41524e886b7f1b8a0c1fc7321cac225aab6bfc31017a7e52035b99aef5c2b6bde8ffb+7
Debianlinux< 5.10.249-1+3
Debianlinux-6.1< 6.1.162-1~deb11u1

Patches

Patch: git.kernel.orgPatch: git.kernel.orgPatch: git.kernel.org

🔴Vulnerability Details

3
GHSA
GHSA-6qxm-gr5m-j478: In the Linux kernel, the following vulnerability has been resolved: netrom: fix double-free in nr_route_frame() In nr_route_frame(), old_skb is imme2026-02-04
OSV
CVE-2026-23098: In the Linux kernel, the following vulnerability has been resolved: netrom: fix double-free in nr_route_frame() In nr_route_frame(), old_skb is immedi2026-02-04
CVEList
netrom: fix double-free in nr_route_frame()2026-02-04

📋Vendor Advisories

3
Ubuntu
Linux kernel (NVIDIA Tegra) vulnerabilities2026-04-09
Red Hat
kernel: netrom: fix double-free in nr_route_frame()2026-02-04
Debian
CVE-2026-23098: linux - In the Linux kernel, the following vulnerability has been resolved: netrom: fix...2026

🕵️Threat Intelligence

1
Wiz
CVE-2026-23098 Impact, Exploitability, and Mitigation Steps | Wiz
CVE-2026-23098 (HIGH CVSS 7.8) | In the Linux kernel | cvebase.io