CVE-2026-23118

CWE-362Race ConditionCWE-8208 documents8 sources
Severity
4.7MEDIUM
EPSS
0.0%
top 97.69%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Linux LinuxLinux Linux Kernel
Timeline
PublishedFeb 14

Description

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix data-race warning and potential load/store tearing Fix the following: BUG: KCSAN: data-race in rxrpc_peer_keepalive_worker / rxrpc_send_data_packet which is reporting an issue with the reads and writes to ->last_tx_at in: conn->peer->last_tx_at = ktime_get_seconds(); and: keepalive_at = peer->last_tx_at + RXRPC_KEEPALIVE_TIME; The lockless accesses to these to values aren't actually a problem as the read only

CVSS vector

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.0 | Impact: 3.6

Affected Packages3 packages

NVDlinux/linux_kernel4.176.12.69+2
CVEListV5linux/linuxace45bec6d77bc061c3c3d8ad99e298ea9800c2ba426f29ac3fa3465093567ab763ada46762fb57c+4
Debianlinux< 6.12.69-1+1

Patches

Patch: git.kernel.orgPatch: git.kernel.orgPatch: git.kernel.org

🔴Vulnerability Details

3
GHSA
GHSA-p8gw-hvf3-xmc4: In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix data-race warning and potential load/store tearing Fix the following:2026-02-14
CVEList
rxrpc: Fix data-race warning and potential load/store tearing2026-02-14
OSV
CVE-2026-23118: In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix data-race warning and potential load/store tearing Fix the following: B2026-02-14

📋Vendor Advisories

3
Red Hat
kernel: rxrpc: Fix data-race warning and potential load/store tearing2026-02-14
Microsoft
rxrpc: Fix data-race warning and potential load/store tearing2026-02-10
Debian
CVE-2026-23118: linux - In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix ...2026

🕵️Threat Intelligence

1
Wiz
CVE-2026-23118 Impact, Exploitability, and Mitigation Steps | Wiz
CVE-2026-23118 (MEDIUM CVSS 4.7) | In the Linux kernel | cvebase.io