CVE-2026-23326Missing Initialization of Resource in Linux

CWE-909Missing Initialization of Resource7 documents6 sources
Severity
5.5MEDIUM
No vector
EPSS
0.0%
top 93.71%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
LinuxLinux KernelDebian Linux
Timeline
PublishedMar 25

Description

In the Linux kernel, the following vulnerability has been resolved: xsk: Fix fragment node deletion to prevent buffer leak After commit b692bf9a7543 ("xsk: Get rid of xdp_buff_xsk::xskb_list_node"), the list_node field is reused for both the xskb pool list and the buffer free list, this causes a buffer leak as described below. xp_free() checks if a buffer is already on the free list using list_empty(&xskb->list_node). When list_del() is used to remove a node from the xskb pool list, it doesn'

Affected Packages4 packages

Linuxlinux/linux_kernel6.13.06.18.17+1
Debianlinux/linux_kernel< 6.19.8-1
CVEListV5linux/linux560c974b7ccd95bb9ff20df77f6654283e45c9c65172adf9efb8298a52f4dcdc3f98d4d9d1e06a6d+5
debiandebian/linux< linux 6.19.8-1 (forky)

🔴Vulnerability Details

3
OSV
CVE-2026-23326: In the Linux kernel, the following vulnerability has been resolved: xsk: Fix fragment node deletion to prevent buffer leak After commit b692bf9a7543 (2026-03-25
OSV
xsk: Fix fragment node deletion to prevent buffer leak2026-03-25
GHSA
GHSA-6r9h-pc2x-g962: In the Linux kernel, the following vulnerability has been resolved: xsk: Fix fragment node deletion to prevent buffer leak After commit b692bf9a75432026-03-25

📋Vendor Advisories

2
Red Hat
kernel: xsk: Fix fragment node deletion to prevent buffer leak2026-03-25
Debian
CVE-2026-23326: linux - In the Linux kernel, the following vulnerability has been resolved: xsk: Fix fr...2026

🕵️Threat Intelligence

1
Wiz
CVE-2026-23326 Impact, Exploitability, and Mitigation Steps | Wiz