CVE-2026-23397 — Improper Handling of Length Parameter Inconsistency in Linux

CWE-130 — Improper Handling of Length Parameter Inconsistency67 documents8 sources

Severity

8.2HIGH

No vector

EPSS

0.0%

top 90.94%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Linux Linux Kernel Debian Linux +1 more

Timeline

PublishedMar 26

Latest updateApr 20

Description

In the Linux kernel, the following vulnerability has been resolved: nfnetlink_osf: validate individual option lengths in fingerprints nfnl_osf_add_callback() validates opt_num bounds and string NUL-termination but does not check individual option length fields. A zero-length option causes nf_osf_match_one() to enter the option matching loop even when foptsize sums to zero, which matches packets with no TCP options where ctx->optp is NULL: Oops: general protection fault KASAN: null-ptr-deref i…

Affected Packages5 packages

▶Linuxlinux/linux_kernel2.6.31 — 6.1.167+4

▶Debianlinux/linux_kernel< 6.19.10-1

▶msrcmsrc/azl3_kernel_6.6.126.1-1_on_azure_linux_3.0

▶CVEListV5linux/linux11eeef41d5f63c7d2f7fdfcc733eb7fb137cc384 — aa0574182c46963c3cdb8cde46ec93aca21100d8+6

▶debiandebian/linux< linux 6.19.10-1 (forky)

🔴Vulnerability Details

VulDB

Linux Kernel up to 7.0-rc4 nfnetlink_osf nfnetlink_osf.c nfnl_osf_add_callback out-of-bounds (EUVD-2026-16157 / WID-SEC-2026-0879)↗2026-04-20

▶

OSV

nfnetlink_osf: validate individual option lengths in fingerprints↗2026-03-26

▶

OSV

CVE-2026-23397: In the Linux kernel, the following vulnerability has been resolved: nfnetlink_osf: validate individual option lengths in fingerprints nfnl_osf_add_cal↗2026-03-26

▶

GHSA

GHSA-3rcm-5vqm-53w6: In the Linux kernel, the following vulnerability has been resolved: nfnetlink_osf: validate individual option lengths in fingerprints nfnl_osf_add_c↗2026-03-26

▶

📋Vendor Advisories

Red Hat

Linux kernel: nfnetlink_osf: Linux kernel: Denial of Service in nfnetlink_osf via crafted network packets↗2026-03-26

▶

Microsoft

nfnetlink_osf: validate individual option lengths in fingerprints↗2026-03-10

▶

Debian

CVE-2026-23397: linux - In the Linux kernel, the following vulnerability has been resolved: nfnetlink_o...↗2026

▶

🕵️Threat Intelligence

Wiz

CVE-2025-68476 Impact, Exploitability, and Mitigation Steps | Wiz↗

▶

Wiz

CVE-2026-23356 Impact, Exploitability, and Mitigation Steps | Wiz↗

▶

Wiz

CVE-2026-1801 Impact, Exploitability, and Mitigation Steps | Wiz↗

▶

Wiz

CVE-2026-2303 Impact, Exploitability, and Mitigation Steps | Wiz↗

▶

Wiz

CVE-2026-23266 Impact, Exploitability, and Mitigation Steps | Wiz↗

▶