CVE-2026-23321Improper Update of Reference Count in Linux

CWE-911Improper Update of Reference Count7 documents6 sources
Severity
3.3LOW
No vector
EPSS
0.0%
top 90.94%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
LinuxLinux KernelDebian Linux
Timeline
PublishedMar 25

Description

In the Linux kernel, the following vulnerability has been resolved: mptcp: pm: in-kernel: always mark signal+subflow endp as used Syzkaller managed to find a combination of actions that was generating this warning: msk->pm.local_addr_used == 0 WARNING: net/mptcp/pm_kernel.c:1071 at __mark_subflow_endp_available net/mptcp/pm_kernel.c:1071 [inline], CPU#1: syz.2.17/961 WARNING: net/mptcp/pm_kernel.c:1071 at mptcp_nl_remove_subflow_and_signal_addr net/mptcp/pm_kernel.c:1103 [inline], CPU#1: syz.

Affected Packages4 packages

Linuxlinux/linux_kernel6.2.06.6.130+4
Debianlinux/linux_kernel< 6.19.8-1
debiandebian/linux< linux 6.19.8-1 (forky)
CVEListV5linux/linuxd93cf38fad9f66397093432b8917971a92ee0146c5c877e140e5f46023a74a51e577ce5edd0a4be7+7

🔴Vulnerability Details

3
OSV
mptcp: pm: in-kernel: always mark signal+subflow endp as used2026-03-25
OSV
CVE-2026-23321: In the Linux kernel, the following vulnerability has been resolved: mptcp: pm: in-kernel: always mark signal+subflow endp as used Syzkaller managed to2026-03-25
GHSA
GHSA-cp65-xq47-m66j: In the Linux kernel, the following vulnerability has been resolved: mptcp: pm: in-kernel: always mark signal+subflow endp as used Syzkaller managed2026-03-25

📋Vendor Advisories

2
Red Hat
kernel: mptcp: pm: in-kernel: always mark signal+subflow endp as used2026-03-25
Debian
CVE-2026-23321: linux - In the Linux kernel, the following vulnerability has been resolved: mptcp: pm: ...2026

🕵️Threat Intelligence

1
Wiz
CVE-2026-23321 Impact, Exploitability, and Mitigation Steps | Wiz