CVE-2026-23449: Time-of-check Time-of-use (TOCTOU) Race Condition in Linux

Severity: 5.5 MEDIUM (no vector)
EPSS: 0.0% (top 90.94%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline: Published Apr 3

Description

In the Linux kernel, the following vulnerability has been resolved:

net/sched: teql: Fix double-free in teql_master_xmit

Whenever a TEQL device has a lockless Qdisc as root, qdisc_reset should be called using the seq_lock to avoid racing with the datapath. Failure to do so may cause crashes like the following:

[ 238.028993][ T318] BUG: KASAN: double-free in skb_release_data (net/core/skbuff.c:1139)
[ 238.029328][ T318] Free of addr ffff88810c67ec00 by task poc_teql_uaf_ke/318
[ 238.029749][

Affected Packages (3 packages)

Debian: linux/linux_kernel < 6.19.10-1
CVEListV5: linux/linux 96009c7d500efdd5534e83b2e3eb2c58d4b137ae 4e8ebc4c18ea8213d28e6cb867d18fcc67daca21 +6
debian: debian/linux < linux 6.19.10-1 (forky)

🔴 Vulnerability Details (2)

GHSA (2026-04-03)
GHSA-68f3-cx9x-c5jf: In the Linux kernel, the following vulnerability has been resolved: net/sched: teql: Fix double-free in teql_master_xmit Whenever a TEQL device has
OSV (2026-04-03)
CVE-2026-23449: In the Linux kernel, the following vulnerability has been resolved: net/sched: teql: Fix double-free in teql_master_xmit Whenever a TEQL device has a

📋 Vendor Advisories (2)

Red Hat (2026-04-03)
kernel: net/sched: teql: Fix double-free in teql_master_xmit
Debian (2026)
CVE-2026-23449: linux - In the Linux kernel, the following vulnerability has been resolved: net/sched: ...

🕵️ Threat Intelligence (1)

Wiz
CVE-2026-23449 Impact, Exploitability, and Mitigation Steps | Wiz