CVE-2026-23343: Integer Overflow or Wraparound in Linux

Severity
5.5 MEDIUM
No vector
EPSS
0.0%
top 90.88%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
Published Mar 25

Description

In the Linux kernel, the following vulnerability has been resolved:

xdp: produce a warning when calculated tailroom is negative

Many ethernet drivers report xdp Rx queue frag size as being the same as DMA write size. However, the only user of this field, namely bpf_xdp_frags_increase_tail(), clearly expects a truesize. Such difference leads to unspecific memory corruption issues under certain circumstances, e.g. in ixgbevf maximum DMA write size is 3 KB, so when running xskxceiver's XDP_ADJUS

Affected Packages (3 packages)

Linux  linux/linux_kernel  5.18.0  6.1.167  +4
Debian  linux/linux_kernel  < 6.19.8-1
CVEListV5  linux/linux  bf25146a5595269810b1f47d048f114c5ff9f544  01379540452a02bbc52f639d45dd365cd3624efb  +6

🔴 Vulnerability Details (4)

GHSA
GHSA-rqf2-6q66-wgpp: In the Linux kernel, the following vulnerability has been resolved: xdp: produce a warning when calculated tailroom is negative Many ethernet driver (2026-03-25)
CVEList
xdp: produce a warning when calculated tailroom is negative (2026-03-25)
OSV
CVE-2026-23343: In the Linux kernel, the following vulnerability has been resolved: xdp: produce a warning when calculated tailroom is negative Many ethernet drivers (2026-03-25)
OSV
xdp: produce a warning when calculated tailroom is negative (2026-03-25)

📋 Vendor Advisories (3)

Red Hat
kernel: xdp: produce a warning when calculated tailroom is negative (2026-03-25)
Microsoft
xdp: produce a warning when calculated tailroom is negative (2026-03-10)
Debian
CVE-2026-23343: linux - In the Linux kernel, the following vulnerability has been resolved: xdp: produc... (2026)

🕵️ Threat Intelligence (1)

Wiz
CVE-2026-23343 Impact, Exploitability, and Mitigation Steps | Wiz
CVE-2026-23343 — Integer Overflow or Wraparound | cvebase