CVE-2026-23302 — Race Condition within a Thread in Linux

CWE-366 — Race Condition within a Thread8 documents7 sources

Severity

7.1HIGH

No vector

EPSS

0.0%

top 93.79%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Linux Linux Kernel Debian Linux +1 more

Timeline

PublishedMar 25

Description

In the Linux kernel, the following vulnerability has been resolved: net: annotate data-races around sk->sk_{data_ready,write_space} skmsg (and probably other layers) are changing these pointers while other cpus might read them concurrently. Add corresponding READ_ONCE()/WRITE_ONCE() annotations for UDP, TCP and AF_UNIX.

Affected Packages5 packages

▶Linuxlinux/linux_kernel4.20.0 — 6.18.17+1

▶Debianlinux/linux_kernel< 6.19.8-1

▶msrcmsrc/azl3_kernel_6.6.126.1-1_on_azure_linux_3.0

▶CVEListV5linux/linux604326b41a6fb9b4a78b6179335decee0365cd8c — f17c1c4acbe2bd702abce73a847a04a196fab2c5+3

▶debiandebian/linux< linux 6.19.8-1 (forky)

🔴Vulnerability Details

OSV

net: annotate data-races around sk->sk_{data_ready,write_space}↗2026-03-25

▶

OSV

CVE-2026-23302: In the Linux kernel, the following vulnerability has been resolved: net: annotate data-races around sk->sk_{data_ready,write_space} skmsg (and probabl↗2026-03-25

▶

GHSA

GHSA-g352-h749-hp67: In the Linux kernel, the following vulnerability has been resolved: net: annotate data-races around sk->sk_{data_ready,write_space} skmsg (and proba↗2026-03-25

▶

📋Vendor Advisories

Red Hat

kernel: net: annotate data-races around sk->sk_{data_ready,write_space}↗2026-03-25

▶

Microsoft

net: annotate data-races around sk->sk_{data_ready,write_space}↗2026-03-10

▶

Debian

CVE-2026-23302: linux - In the Linux kernel, the following vulnerability has been resolved: net: annota...↗2026

▶

🕵️Threat Intelligence

Wiz

CVE-2026-23302 Impact, Exploitability, and Mitigation Steps | Wiz↗

▶