CVE-2026-23284 — Improper Update of Reference Count in Linux

CWE-911 — Improper Update of Reference Count8 documents7 sources

Severity

6.4MEDIUM

No vector

EPSS

0.0%

top 90.94%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Linux Linux Kernel Debian Linux +1 more

Timeline

PublishedMar 25

Description

In the Linux kernel, the following vulnerability has been resolved: net: ethernet: mtk_eth_soc: Reset prog ptr to old_prog in case of error in mtk_xdp_setup() Reset eBPF program pointer to old_prog and do not decrease its ref-count if mtk_open routine in mtk_xdp_setup() fails.

Affected Packages5 packages

▶Linuxlinux/linux_kernel6.0.0 — 6.1.167+4

▶Debianlinux/linux_kernel< 6.19.8-1

▶msrcmsrc/azl3_kernel_6.6.126.1-1_on_azure_linux_3.0

▶CVEListV5linux/linux7c26c20da5d420cde55618263be4aa2f6de53056 — 8c2d76a9658a4dbfcf02f2693a97e2d5ff42197a+6

▶debiandebian/linux< linux 6.19.8-1 (forky)

🔴Vulnerability Details

OSV

CVE-2026-23284: In the Linux kernel, the following vulnerability has been resolved: net: ethernet: mtk_eth_soc: Reset prog ptr to old_prog in case of error in mtk_xdp↗2026-03-25

▶

OSV

net: ethernet: mtk_eth_soc: Reset prog ptr to old_prog in case of error in mtk_xdp_setup()↗2026-03-25

▶

GHSA

GHSA-qgrv-hh4h-p235: In the Linux kernel, the following vulnerability has been resolved: net: ethernet: mtk_eth_soc: Reset prog ptr to old_prog in case of error in mtk_xd↗2026-03-25

▶

📋Vendor Advisories

Red Hat

kernel: net: ethernet: mtk_eth_soc: Reset prog ptr to old_prog in case of error in mtk_xdp_setup()↗2026-03-25

▶

Microsoft

net: ethernet: mtk_eth_soc: Reset prog ptr to old_prog in case of error in mtk_xdp_setup()↗2026-03-10

▶

Debian

CVE-2026-23284: linux - In the Linux kernel, the following vulnerability has been resolved: net: ethern...↗2026

▶

🕵️Threat Intelligence

Wiz

CVE-2026-23284 Impact, Exploitability, and Mitigation Steps | Wiz↗

▶