CVE-2026-23437: Expired Pointer Dereference in Linux

Severity: 5.5 MEDIUM (No vector)
EPSS: 0.0% (top 94.14%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline: Published Apr 3

Description

In the Linux kernel, the following vulnerability has been resolved:

net: shaper: protect late read accesses to the hierarchy

We look up a netdev during prep of Netlink ops (pre- callbacks) and take a ref to it. Then later in the body of the callback we take its lock or RCU which are the actual protections.

This is not proper, a conversion from a ref to a locked netdev must include a liveness check (a check if the netdev hasn't been unregistered already). Fix the read cases (those under RCU).

Affected Packages (3 packages)

Debian: linux/linux_kernel < 6.19.10-1
CVEListV5: linux/linux 4b623f9f0f59652ea71fcb27d60b4c3b65126dbb 581eee0890a8bde44f1fb78ad3e70502a897d583 +3
debian: debian/linux < linux 6.19.10-1 (forky)

🔴 Vulnerability Details (2)

GHSA: GHSA-9wj8-78x3-52f8: In the Linux kernel, the following vulnerability has been resolved: net: shaper: protect late read accesses to the hierarchy We look up a netdev dur (2026-04-03)
OSV: CVE-2026-23437: In the Linux kernel, the following vulnerability has been resolved: net: shaper: protect late read accesses to the hierarchy We look up a netdev durin (2026-04-03)

📋 Vendor Advisories (2)

Red Hat: kernel: net: shaper: protect late read accesses to the hierarchy (2026-04-03)
Debian: CVE-2026-23437: linux - In the Linux kernel, the following vulnerability has been resolved: net: shaper... (2026)

🕵️ Threat Intelligence (1)

Wiz: CVE-2026-23437 Impact, Exploitability, and Mitigation Steps | Wiz