CVE-2026-23319Expired Pointer Dereference in Linux

CWE-825Expired Pointer Dereference8 documents7 sources
Severity
6.4MEDIUM
No vector
EPSS
0.0%
top 90.94%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
4
LinuxLinux KernelDebian Linux+1 more
Timeline
PublishedMar 25

Description

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix a UAF issue in bpf_trampoline_link_cgroup_shim The root cause of this bug is that when 'bpf_link_put' reduces the refcount of 'shim_link->link.link' to zero, the resource is considered released but may still be referenced via 'tr->progs_hlist' in 'cgroup_shim_find'. The actual cleanup of 'tr->progs_hlist' in 'bpf_shim_tramp_link_release' is deferred. During this window, another process can cause a use-after-free via '

Affected Packages5 packages

Linuxlinux/linux_kernel6.0.06.1.167+4
Debianlinux/linux_kernel< 6.19.8-1
CVEListV5linux/linux69fd337a975c7e690dfe49d9cb4fe5ba1e6db44e529e685e522b9d7fb379dbe6929dcdf520e34c8c+6
debiandebian/linux< linux 6.19.8-1 (forky)

🔴Vulnerability Details

3
OSV
bpf: Fix a UAF issue in bpf_trampoline_link_cgroup_shim2026-03-25
OSV
CVE-2026-23319: In the Linux kernel, the following vulnerability has been resolved: bpf: Fix a UAF issue in bpf_trampoline_link_cgroup_shim The root cause of this bug2026-03-25
GHSA
GHSA-65x4-mv56-gf8m: In the Linux kernel, the following vulnerability has been resolved: bpf: Fix a UAF issue in bpf_trampoline_link_cgroup_shim The root cause of this b2026-03-25

📋Vendor Advisories

3
Red Hat
kernel: bpf: Fix a UAF issue in bpf_trampoline_link_cgroup_shim2026-03-25
Microsoft
bpf: Fix a UAF issue in bpf_trampoline_link_cgroup_shim2026-03-10
Debian
CVE-2026-23319: linux - In the Linux kernel, the following vulnerability has been resolved: bpf: Fix a ...2026

🕵️Threat Intelligence

1
Wiz
CVE-2026-23319 Impact, Exploitability, and Mitigation Steps | Wiz