CVE-2026-23310Improper Validation of Consistency within Input in Linux

CWE-1288Improper Validation of Consistency within Input8 documents7 sources
Severity
7.1HIGH
No vector
EPSS
0.0%
top 93.69%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
4
LinuxLinux KernelDebian Linux+1 more
Timeline
PublishedMar 25

Description

In the Linux kernel, the following vulnerability has been resolved: bpf/bonding: reject vlan+srcmac xmit_hash_policy change when XDP is loaded bond_option_mode_set() already rejects mode changes that would make a loaded XDP program incompatible via bond_xdp_check(). However, bond_option_xmit_hash_policy_set() has no such guard. For 802.3ad and balance-xor modes, bond_xdp_check() returns false when xmit_hash_policy is vlan+srcmac, because the 802.1q payload is usually absent due to hardware of

Affected Packages5 packages

Linuxlinux/linux_kernel5.15.06.6.130+3
Debianlinux/linux_kernel< 6.19.8-1
CVEListV5linux/linux39a0876d595bd7c7512782dfcce0ee66f65bf2215c262bd0e39320a6d6c8277cb8349ce21c01b8c1+5
debiandebian/linux< linux 6.19.8-1 (forky)

🔴Vulnerability Details

3
OSV
bpf/bonding: reject vlan+srcmac xmit_hash_policy change when XDP is loaded2026-03-25
OSV
CVE-2026-23310: In the Linux kernel, the following vulnerability has been resolved: bpf/bonding: reject vlan+srcmac xmit_hash_policy change when XDP is loaded bond_op2026-03-25
GHSA
GHSA-wj2w-7vcf-m7fj: In the Linux kernel, the following vulnerability has been resolved: bpf/bonding: reject vlan+srcmac xmit_hash_policy change when XDP is loaded bond_2026-03-25

📋Vendor Advisories

3
Red Hat
kernel: bpf/bonding: reject vlan+srcmac xmit_hash_policy change when XDP is loaded2026-03-25
Microsoft
bpf/bonding: reject vlan+srcmac xmit_hash_policy change when XDP is loaded2026-03-10
Debian
CVE-2026-23310: linux - In the Linux kernel, the following vulnerability has been resolved: bpf/bonding...2026

🕵️Threat Intelligence

1
Wiz
CVE-2026-23310 Impact, Exploitability, and Mitigation Steps | Wiz
CVE-2026-23310 — Linux vulnerability | cvebase