CVE-2026-23126
Severity
4.7MEDIUM
EPSS
0.0%
top 97.59%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedFeb 14
Description
In the Linux kernel, the following vulnerability has been resolved:
netdevsim: fix a race issue related to the operation on bpf_bound_progs list
The netdevsim driver lacks a protection mechanism for operations on the
bpf_bound_progs list. When the nsim_bpf_create_prog() performs
list_add_tail, it is possible that nsim_bpf_destroy_prog() is
simultaneously performs list_del. Concurrent operations on the list may
lead to list corruption and trigger a kernel crash as follows:
[ 417.290971] kernel…
CVSS vector
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.0 | Impact: 3.6
Affected Packages3 packages
▶CVEListV5linux/linux31d3ad832948c75139b0e5b653912f7898a1d5d5 — 3f560cfc7706029294132482fff5d1bc7884b70d+5
Patches
🔴Vulnerability Details
3GHSA▶
GHSA-2wj2-8hhp-h6hm: In the Linux kernel, the following vulnerability has been resolved:
netdevsim: fix a race issue related to the operation on bpf_bound_progs list
The↗2026-02-14
OSV▶
CVE-2026-23126: In the Linux kernel, the following vulnerability has been resolved: netdevsim: fix a race issue related to the operation on bpf_bound_progs list The n↗2026-02-14