CVE-2026-23379Integer Overflow or Wraparound in Linux

CWE-190Integer Overflow or Wraparound8 documents7 sources
Severity
5.5MEDIUM
No vector
EPSS
0.0%
top 90.94%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
4
LinuxLinux KernelDebian Linux+1 more
Timeline
PublishedMar 25

Description

In the Linux kernel, the following vulnerability has been resolved: net/sched: ets: fix divide by zero in the offload path Offloading ETS requires computing each class' WRR weight: this is done by averaging over the sums of quanta as 'q_sum' and 'q_psum'. Using unsigned int, the same integer size as the individual DRR quanta, can overflow and even cause division by zero, like it happened in the following splat: Oops: divide error: 0000 [#1] SMP PTI CPU: 13 UID: 0 PID: 487 Comm: tc Tainted: G

Affected Packages5 packages

Linuxlinux/linux_kernel5.6.06.1.167+4
Debianlinux/linux_kernel< 6.19.8-1
CVEListV5linux/linuxd35eb52bd2ac7557b62bda52668f2e64dde2cf903912871344d6a0f1f572a7af2716968182d1e536+6
debiandebian/linux< linux 6.19.8-1 (forky)

🔴Vulnerability Details

3
OSV
net/sched: ets: fix divide by zero in the offload path2026-03-25
OSV
CVE-2026-23379: In the Linux kernel, the following vulnerability has been resolved: net/sched: ets: fix divide by zero in the offload path Offloading ETS requires com2026-03-25
GHSA
GHSA-3p6h-g5j4-c7h7: In the Linux kernel, the following vulnerability has been resolved: net/sched: ets: fix divide by zero in the offload path Offloading ETS requires c2026-03-25

📋Vendor Advisories

3
Red Hat
kernel: net/sched: ets: fix divide by zero in the offload path2026-03-25
Microsoft
net/sched: ets: fix divide by zero in the offload path2026-03-10
Debian
CVE-2026-23379: linux - In the Linux kernel, the following vulnerability has been resolved: net/sched: ...2026

🕵️Threat Intelligence

1
Wiz
CVE-2026-23379 Impact, Exploitability, and Mitigation Steps | Wiz