CVE-2026-23104

CWE-8257 documents7 sources
Severity
5.5MEDIUM
EPSS
0.0%
top 95.77%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Linux LinuxLinux Linux Kernel
Timeline
PublishedFeb 4

Description

In the Linux kernel, the following vulnerability has been resolved: ice: fix devlink reload call trace Commit 4da71a77fc3b ("ice: read internal temperature sensor") introduced internal temperature sensor reading via HWMON. ice_hwmon_init() was added to ice_init_feature() and ice_hwmon_exit() was added to ice_remove(). As a result if devlink reload is used to reinit the device and then the driver is removed, a call trace can occur. BUG: unable to handle page fault for address: ffffffffc0fd4b5d

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

Affected Packages3 packages

NVDlinux/linux_kernel6.86.18.8+1
CVEListV5linux/linux4da71a77fc3be1fcb680c8d78e1a1fb8017905ad8ac7dd0f813fb65ff2fd9543900c3009f8e84110+3
Debianlinux< 6.18.8-1

Patches

Patch: git.kernel.orgPatch: git.kernel.org

🔴Vulnerability Details

3
GHSA
GHSA-m2vm-4pmq-6gpc: In the Linux kernel, the following vulnerability has been resolved: ice: fix devlink reload call trace Commit 4da71a77fc3b ("ice: read internal temp2026-02-04
CVEList
ice: fix devlink reload call trace2026-02-04
OSV
CVE-2026-23104: In the Linux kernel, the following vulnerability has been resolved: ice: fix devlink reload call trace Commit 4da71a77fc3b ("ice: read internal temper2026-02-04

📋Vendor Advisories

2
Red Hat
kernel: ice: fix devlink reload call trace2026-02-04
Debian
CVE-2026-23104: linux - In the Linux kernel, the following vulnerability has been resolved: ice: fix de...2026

🕵️Threat Intelligence

1
Wiz
CVE-2026-23104 Impact, Exploitability, and Mitigation Steps | Wiz
CVE-2026-23104 (MEDIUM CVSS 5.5) | In the Linux kernel | cvebase.io