Vulnerability-Lookup

CVE-2026-23385 (GCVE-0-2026-23385)

Vulnerability from cvelistv5 – Published: 2026-03-25 10:28 – Updated: 2026-04-13 06:06

Title

netfilter: nf_tables: clone set on flush only

Summary

In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: clone set on flush only Syzbot with fault injection triggered a failing memory allocation with GFP_KERNEL which results in a WARN splat: iter.err WARNING: net/netfilter/nf_tables_api.c:845 at nft_map_deactivate+0x34e/0x3c0 net/netfilter/nf_tables_api.c:845, CPU#0: syz.0.17/5992 Modules linked in: CPU: 0 UID: 0 PID: 5992 Comm: syz.0.17 Not tainted syzkaller #0 PREEMPT(full) Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 RIP: 0010:nft_map_deactivate+0x34e/0x3c0 net/netfilter/nf_tables_api.c:845 Code: 8b 05 86 5a 4e 09 48 3b 84 24 a0 00 00 00 75 62 48 8d 65 d8 5b 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc cc e8 63 6d fa f7 90 <0f> 0b 90 43 +80 7c 35 00 00 0f 85 23 fe ff ff e9 26 fe ff ff 89 d9 RSP: 0018:ffffc900045af780 EFLAGS: 00010293 RAX: ffffffff89ca45bd RBX: 00000000fffffff4 RCX: ffff888028111e40 RDX: 0000000000000000 RSI: 00000000fffffff4 RDI: 0000000000000000 RBP: ffffc900045af870 R08: 0000000000400dc0 R09: 00000000ffffffff R10: dffffc0000000000 R11: fffffbfff1d141db R12: ffffc900045af7e0 R13: 1ffff920008b5f24 R14: dffffc0000000000 R15: ffffc900045af920 FS: 000055557a6a5500(0000) GS:ffff888125496000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00007fb5ea271fc0 CR3: 000000003269e000 CR4: 00000000003526f0 Call Trace: <TASK> __nft_release_table+0xceb/0x11f0 net/netfilter/nf_tables_api.c:12115 nft_rcv_nl_event+0xc25/0xdb0 net/netfilter/nf_tables_api.c:12187 notifier_call_chain+0x19d/0x3a0 kernel/notifier.c:85 blocking_notifier_call_chain+0x6a/0x90 kernel/notifier.c:380 netlink_release+0x123b/0x1ad0 net/netlink/af_netlink.c:761 __sock_release net/socket.c:662 [inline] sock_close+0xc3/0x240 net/socket.c:1455 Restrict set clone to the flush set command in the preparation phase. Add NFT_ITER_UPDATE_CLONE and use it for this purpose, update the rbtree and pipapo backends to only clone the set when this iteration type is used. As for the existing NFT_ITER_UPDATE type, update the pipapo backend to use the existing set clone if available, otherwise use the existing set representation. After this update, there is no need to clone a set that is being deleted, this includes bound anonymous set. An alternative approach to NFT_ITER_UPDATE_CLONE is to add a .clone interface and call it from the flush set path.

Severity ?

No CVSS data available.

Assigner

Linux

References

URL

FKIE_CVE-2026-23385

Vulnerability from fkie_nvd - Published: 2026-03-25 11:16 - Updated: 2026-04-24 18:44

Severity ?

5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Summary

References

URL	Tags
416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/9154945a6394029822bd08c24cef5a3f86d0424a	Patch
416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/b7f67282ca2be14b727dd698b50e10cf5d8c66f9	Patch
416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/fb7fb4016300ac622c964069e286dc83166a5d52	Patch

Impacted products

Vendor	Product	Version
linux	linux_kernel	*
linux	linux_kernel	*
linux	linux_kernel	6.10
linux	linux_kernel	7.0
linux	linux_kernel	7.0
linux	linux_kernel	7.0
linux	linux_kernel	7.0
linux	linux_kernel	7.0
linux	linux_kernel	7.0
linux	linux_kernel	7.0

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8D28D317-0EE7-48DD-B7B5-C8D2E19775D7",
              "versionEndExcluding": "6.18.17",
              "versionStartIncluding": "6.10.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "69245D10-0B71-485E-80C3-A64F077004D3",
              "versionEndExcluding": "6.19.7",
              "versionStartIncluding": "6.19",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:6.10:-:*:*:*:*:*:*",
              "matchCriteriaId": "9EA80796-744E-45F5-8632-2AB4F7889FCD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:7.0:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "F253B622-8837-4245-BCE5-A7BF8FC76A16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:7.0:rc2:*:*:*:*:*:*",
              "matchCriteriaId": "4AE85AD8-4641-4E7C-A2F4-305E2CD9EE64",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:7.0:rc3:*:*:*:*:*:*",
              "matchCriteriaId": "F666C8D8-6538-46D4-B318-87610DE64C34",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:7.0:rc4:*:*:*:*:*:*",
              "matchCriteriaId": "02259FDA-961B-47BC-AE7F-93D7EC6E90C2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:7.0:rc5:*:*:*:*:*:*",
              "matchCriteriaId": "58A9FEFF-C040-420D-8F0A-BFDAAA1DF258",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:7.0:rc6:*:*:*:*:*:*",
              "matchCriteriaId": "1D2315C0-D46F-4F85-9754-F9E5E11374A6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:7.0:rc7:*:*:*:*:*:*",
              "matchCriteriaId": "512EE3A8-A590-4501-9A94-5D4B268D6138",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_tables: clone set on flush only\n\nSyzbot with fault injection triggered a failing memory allocation with\nGFP_KERNEL which results in a WARN splat:\n\niter.err\nWARNING: net/netfilter/nf_tables_api.c:845 at nft_map_deactivate+0x34e/0x3c0 net/netfilter/nf_tables_api.c:845, CPU#0: syz.0.17/5992\nModules linked in:\nCPU: 0 UID: 0 PID: 5992 Comm: syz.0.17 Not tainted syzkaller #0 PREEMPT(full)\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026\nRIP: 0010:nft_map_deactivate+0x34e/0x3c0 net/netfilter/nf_tables_api.c:845\nCode: 8b 05 86 5a 4e 09 48 3b 84 24 a0 00 00 00 75 62 48 8d 65 d8 5b 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc cc e8 63 6d fa f7 90 \u003c0f\u003e 0b 90 43\n+80 7c 35 00 00 0f 85 23 fe ff ff e9 26 fe ff ff 89 d9\nRSP: 0018:ffffc900045af780 EFLAGS: 00010293\nRAX: ffffffff89ca45bd RBX: 00000000fffffff4 RCX: ffff888028111e40\nRDX: 0000000000000000 RSI: 00000000fffffff4 RDI: 0000000000000000\nRBP: ffffc900045af870 R08: 0000000000400dc0 R09: 00000000ffffffff\nR10: dffffc0000000000 R11: fffffbfff1d141db R12: ffffc900045af7e0\nR13: 1ffff920008b5f24 R14: dffffc0000000000 R15: ffffc900045af920\nFS:  000055557a6a5500(0000) GS:ffff888125496000(0000) knlGS:0000000000000000\nCS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007fb5ea271fc0 CR3: 000000003269e000 CR4: 00000000003526f0\nCall Trace:\n \u003cTASK\u003e\n __nft_release_table+0xceb/0x11f0 net/netfilter/nf_tables_api.c:12115\n nft_rcv_nl_event+0xc25/0xdb0 net/netfilter/nf_tables_api.c:12187\n notifier_call_chain+0x19d/0x3a0 kernel/notifier.c:85\n blocking_notifier_call_chain+0x6a/0x90 kernel/notifier.c:380\n netlink_release+0x123b/0x1ad0 net/netlink/af_netlink.c:761\n __sock_release net/socket.c:662 [inline]\n sock_close+0xc3/0x240 net/socket.c:1455\n\nRestrict set clone to the flush set command in the preparation phase.\nAdd NFT_ITER_UPDATE_CLONE and use it for this purpose, update the rbtree\nand pipapo backends to only clone the set when this iteration type is\nused.\n\nAs for the existing NFT_ITER_UPDATE type, update the pipapo backend to\nuse the existing set clone if available, otherwise use the existing set\nrepresentation. After this update, there is no need to clone a set that\nis being deleted, this includes bound anonymous set.\n\nAn alternative approach to NFT_ITER_UPDATE_CLONE is to add a .clone\ninterface and call it from the flush set path."
    },
    {
      "lang": "es",
      "value": "En el kernel de Linux, la siguiente vulnerabilidad ha sido resuelta:\n\nnetfilter: nf_tables: clonar conjunto solo al vaciar\n\nSyzbot con inyecci\u00f3n de fallos activ\u00f3 una asignaci\u00f3n de memoria fallida con\nGFP_KERNEL lo que resulta en un WARN splat:\n\niter.err\nADVERTENCIA: net/netfilter/nf_tables_api.c:845 en nft_map_deactivate+0x34e/0x3c0 net/netfilter/nf_tables_api.c:845, CPU#0: syz.0.17/5992\nM\u00f3dulos enlazados:\nCPU: 0 UID: 0 PID: 5992 Comm: syz.0.17 No contaminado syzkaller #0 PREEMPT(full)\nNombre del hardware: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026\nRIP: 0010:nft_map_deactivate+0x34e/0x3c0 net/netfilter/nf_tables_api.c:845\nC\u00f3digo: 8b 05 86 5a 4e 09 48 3b 84 24 a0 00 00 00 75 62 48 8d 65 d8 5b 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc cc e8 63 6d fa f7 90 \u0026lt;0f\u0026gt; 0b 90 43\n+80 7c 35 00 00 0f 85 23 fe ff ff e9 26 fe ff ff 89 d9\nRSP: 0018:ffffc900045af780 EFLAGS: 00010293\nRAX: ffffffff89ca45bd RBX: 00000000fffffff4 RCX: ffff888028111e40\nRDX: 0000000000000000 RSI: 00000000fffffff4 RDI: 0000000000000000\nRBP: ffffc900045af870 R08: 0000000000400dc0 R09: 00000000ffffffff\nR10: dffffc0000000000 R11: fffffbfff1d141db R12: ffffc900045af7e0\nR13: 1ffff920008b5f24 R14: dffffc0000000000 R15: ffffc900045af920\nFS:  000055557a6a5500(0000) GS:ffff888125496000(0000) knlGS:0000000000000000\nCS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007fb5ea271fc0 CR3: 000000003269e000 CR4: 00000000003526f0\nRastro de llamada:\n \n __nft_release_table+0xceb/0x11f0 net/netfilter/nf_tables_api.c:12115\n nft_rcv_nl_event+0xc25/0xdb0 net/netfilter/nf_tables_api.c:12187\n notifier_call_chain+0x19d/0x3a0 kernel/notifier.c:85\n blocking_notifier_call_chain+0x6a/0x90 kernel/notifier.c:380\n netlink_release+0x123b/0x1ad0 net/netlink/af_netlink.c:761\n __sock_release net/socket.c:662 [inline]\n sock_close+0xc3/0x240 net/socket.c:1455\n\nRestringir la clonaci\u00f3n del conjunto al comando de vaciado del conjunto en la fase de preparaci\u00f3n.\nA\u00f1adir NFT_ITER_UPDATE_CLONE y usarlo para este prop\u00f3sito, actualizar los backends rbtree\ny pipapo para clonar el conjunto solo cuando se usa este tipo de iteraci\u00f3n.\n\nEn cuanto al tipo NFT_ITER_UPDATE existente, actualizar el backend pipapo para\nusar el clon de conjunto existente si est\u00e1 disponible, de lo contrario usar la representaci\u00f3n\nde conjunto existente. Despu\u00e9s de esta actualizaci\u00f3n, no hay necesidad de clonar un conjunto que\nest\u00e1 siendo eliminado, esto incluye el conjunto an\u00f3nimo vinculado.\n\nUn enfoque alternativo a NFT_ITER_UPDATE_CLONE es a\u00f1adir una interfaz .clone\ny llamarla desde la ruta de vaciado del conjunto."
    }
  ],
  "id": "CVE-2026-23385",
  "lastModified": "2026-04-24T18:44:10.210",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 5.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2026-03-25T11:16:38.773",
  "references": [
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/9154945a6394029822bd08c24cef5a3f86d0424a"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/b7f67282ca2be14b727dd698b50e10cf5d8c66f9"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/fb7fb4016300ac622c964069e286dc83166a5d52"
    }
  ],
  "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

WID-SEC-W-2026-0861

Vulnerability from csaf_certbund - Published: 2026-03-24 23:00 - Updated: 2026-03-25 23:00

Summary

Linux Kernel: Mehrere Schwachstellen

Severity

Hoch

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung: Der Kernel stellt den Kern des Linux Betriebssystems dar.

Angriff: Ein Angreifer kann mehrere Schwachstellen in Linux Kernel ausnutzen, um einen Denial of Service zu verursachen, Sicherheitsmaßnahmen zu umgehen, Informationen offenzulegen, weitere nicht spezifizierte Auswirkungen zu verursachen und potentiell Code auszuführen.

Betroffene Betriebssysteme: - Linux

CVE-2026-23279

CVE-2026-23280

CVE-2026-23281

CVE-2026-23282

CVE-2026-23283

CVE-2026-23284

CVE-2026-23285

CVE-2026-23286

CVE-2026-23287

CVE-2026-23288

CVE-2026-23289

CVE-2026-23290

CVE-2026-23291

CVE-2026-23292

CVE-2026-23293

CVE-2026-23294

CVE-2026-23295

CVE-2026-23296

CVE-2026-23297

CVE-2026-23298

CVE-2026-23299

CVE-2026-23300

CVE-2026-23301

CVE-2026-23302

CVE-2026-23303

CVE-2026-23304

CVE-2026-23305

CVE-2026-23306

CVE-2026-23307

CVE-2026-23308

CVE-2026-23309

CVE-2026-23310

CVE-2026-23311

CVE-2026-23312

CVE-2026-23313

CVE-2026-23314

CVE-2026-23315

CVE-2026-23316

CVE-2026-23317

CVE-2026-23318

CVE-2026-23319

CVE-2026-23320

CVE-2026-23321

CVE-2026-23322

CVE-2026-23323

CVE-2026-23324

CVE-2026-23325

CVE-2026-23326

CVE-2026-23327

CVE-2026-23328

CVE-2026-23329

CVE-2026-23330

CVE-2026-23331

CVE-2026-23332

CVE-2026-23333

CVE-2026-23334

CVE-2026-23335

CVE-2026-23336

CVE-2026-23337

CVE-2026-23338

CVE-2026-23339

CVE-2026-23340

CVE-2026-23341

CVE-2026-23342

CVE-2026-23343

CVE-2026-23344

CVE-2026-23345

CVE-2026-23346

CVE-2026-23347

CVE-2026-23348

CVE-2026-23349

CVE-2026-23350

CVE-2026-23351

CVE-2026-23352

CVE-2026-23353

CVE-2026-23354

CVE-2026-23355

CVE-2026-23356

CVE-2026-23357

CVE-2026-23358

CVE-2026-23359

CVE-2026-23360

CVE-2026-23361

CVE-2026-23362

CVE-2026-23363

CVE-2026-23364

CVE-2026-23365

CVE-2026-23366

CVE-2026-23367

CVE-2026-23368

CVE-2026-23369

CVE-2026-23370

CVE-2026-23371

CVE-2026-23372

CVE-2026-23373

CVE-2026-23374

CVE-2026-23375

CVE-2026-23376

CVE-2026-23377

CVE-2026-23378

CVE-2026-23379

CVE-2026-23380

CVE-2026-23381

CVE-2026-23382

CVE-2026-23383

CVE-2026-23384

CVE-2026-23385

CVE-2026-23386

CVE-2026-23387

CVE-2026-23388

CVE-2026-23389

CVE-2026-23390

CVE-2026-23391

CVE-2026-23392

CVE-2026-23393

CVE-2026-23394

CVE-2026-23395

References

URL

Category

	https://wid.cert-bund.de/.well-known/csaf/white/2…	self
	https://wid.cert-bund.de/portal/wid/securityadvis…	self
	https://lore.kernel.org/linux-cve-announce/	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "hoch"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Der Kernel stellt den Kern des Linux Betriebssystems dar.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein Angreifer kann mehrere Schwachstellen in Linux Kernel ausnutzen, um einen Denial of Service zu verursachen, Sicherheitsma\u00dfnahmen zu umgehen, Informationen offenzulegen, weitere nicht spezifizierte Auswirkungen zu verursachen und potentiell Code auszuf\u00fchren.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Linux",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2026-0861 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2026/wid-sec-w-2026-0861.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2026-0861 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0861"
      },
      {
        "category": "external",
        "summary": "Kernel CVE Announce Mailingliste",
        "url": "https://lore.kernel.org/linux-cve-announce/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23279",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032522-CVE-2026-23279-cf34@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23280",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032523-CVE-2026-23280-cd9e@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23281",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032523-CVE-2026-23281-2e62@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23282",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032523-CVE-2026-23282-bad0@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23283",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032523-CVE-2026-23283-3d92@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23284",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032523-CVE-2026-23284-ca53@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23285",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032524-CVE-2026-23285-ad41@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23286",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032524-CVE-2026-23286-8a7e@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23287",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032524-CVE-2026-23287-93b2@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23288",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032524-CVE-2026-23288-1d11@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23289",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032524-CVE-2026-23289-aa54@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23290",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032525-CVE-2026-23290-af97@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23291",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032525-CVE-2026-23291-eae3@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23292",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032525-CVE-2026-23292-67e8@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23293",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032525-CVE-2026-23293-b422@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23294",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032525-CVE-2026-23294-1682@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23295",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032526-CVE-2026-23295-59d2@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23296",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032526-CVE-2026-23296-eb4a@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23297",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032526-CVE-2026-23297-bcad@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23298",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032526-CVE-2026-23298-fad9@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23299",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032526-CVE-2026-23299-6471@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23300",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032526-CVE-2026-23300-9bc4@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23301",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032527-CVE-2026-23301-09e7@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23302",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032527-CVE-2026-23302-e03d@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23303",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032527-CVE-2026-23303-8e38@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23304",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032527-CVE-2026-23304-485b@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23305",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032527-CVE-2026-23305-5fa4@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23306",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032528-CVE-2026-23306-8854@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23307",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032528-CVE-2026-23307-60f2@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23308",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032528-CVE-2026-23308-1e72@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23309",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032528-CVE-2026-23309-4243@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23310",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032528-CVE-2026-23310-9b67@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23311",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032529-CVE-2026-23311-8c0b@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23312",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032529-CVE-2026-23312-2b11@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23313",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032529-CVE-2026-23313-925e@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23314",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032529-CVE-2026-23314-166c@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23315",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032529-CVE-2026-23315-9ac1@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23316",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032530-CVE-2026-23316-2ce3@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23317",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032530-CVE-2026-23317-0e9e@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23318",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032530-CVE-2026-23318-bef0@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23319",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032530-CVE-2026-23319-1e3d@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23320",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032530-CVE-2026-23320-0ae7@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23321",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032530-CVE-2026-23321-6059@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23322",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032531-CVE-2026-23322-9fd3@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23323",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032531-CVE-2026-23323-53db@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23324",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032531-CVE-2026-23324-bc9e@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23325",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032531-CVE-2026-23325-4e3b@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23326",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032531-CVE-2026-23326-ffc6@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23327",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032532-CVE-2026-23327-c497@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23328",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032532-CVE-2026-23328-9600@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23329",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032532-CVE-2026-23329-c743@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23330",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032532-CVE-2026-23330-00fd@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23331",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032532-CVE-2026-23331-735b@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23332",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032533-CVE-2026-23332-50e0@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23333",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032533-CVE-2026-23333-417f@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23334",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032533-CVE-2026-23334-1b12@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23335",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032533-CVE-2026-23335-602d@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23336",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032533-CVE-2026-23336-d365@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23337",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032534-CVE-2026-23337-5018@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23338",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032534-CVE-2026-23338-67c7@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23339",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032534-CVE-2026-23339-263f@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23340",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032534-CVE-2026-23340-1aa9@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23341",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032534-CVE-2026-23341-3f7b@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23342",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032535-CVE-2026-23342-8456@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23343",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032535-CVE-2026-23343-dc2b@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23344",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032535-CVE-2026-23344-0279@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23345",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032535-CVE-2026-23345-c154@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23346",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032535-CVE-2026-23346-faed@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23347",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032536-CVE-2026-23347-fa08@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23348",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032536-CVE-2026-23348-e792@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23349",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032536-CVE-2026-23349-aa6a@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23350",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032536-CVE-2026-23350-f4be@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23351",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032536-CVE-2026-23351-637f@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23352",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032537-CVE-2026-23352-18f2@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23353",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032537-CVE-2026-23353-d0c3@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23354",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032537-CVE-2026-23354-d9b2@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23355",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032537-CVE-2026-23355-86df@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23356",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032537-CVE-2026-23356-0014@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23357",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032538-CVE-2026-23357-605e@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23358",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032538-CVE-2026-23358-1042@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23359",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032538-CVE-2026-23359-35fd@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23360",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032538-CVE-2026-23360-c464@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23361",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032539-CVE-2026-23361-bd5c@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23362",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032539-CVE-2026-23362-40bd@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23363",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032539-CVE-2026-23363-3e24@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23364",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032539-CVE-2026-23364-4267@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23365",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032539-CVE-2026-23365-76d3@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23366",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032540-CVE-2026-23366-a7c4@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23367",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032540-CVE-2026-23367-6e44@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23368",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032540-CVE-2026-23368-c240@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23369",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032540-CVE-2026-23369-b6c6@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23370",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032540-CVE-2026-23370-02d2@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23371",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032541-CVE-2026-23371-1b32@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23372",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032541-CVE-2026-23372-7bc9@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23373",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032541-CVE-2026-23373-0203@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23374",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032541-CVE-2026-23374-9345@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23375",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032541-CVE-2026-23375-91b1@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23376",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032542-CVE-2026-23376-114a@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23377",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032542-CVE-2026-23377-cb04@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23378",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032542-CVE-2026-23378-f329@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23379",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032542-CVE-2026-23379-3b2d@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23380",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032542-CVE-2026-23380-9e3c@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23381",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032543-CVE-2026-23381-378d@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23382",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032543-CVE-2026-23382-26fe@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23383",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032543-CVE-2026-23383-f205@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23384",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032543-CVE-2026-23384-489a@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23385",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032543-CVE-2026-23385-3414@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23386",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032544-CVE-2026-23386-acc4@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23387",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032544-CVE-2026-23387-4399@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23388",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032544-CVE-2026-23388-9e71@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23389",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032544-CVE-2026-23389-2056@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23390",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032537-CVE-2026-23390-7146@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23391",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032548-CVE-2026-23391-bb43@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23392",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032548-CVE-2026-23392-fd9d@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23393",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032548-CVE-2026-23393-c395@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23394",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032549-CVE-2026-23394-9205@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23395",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032549-CVE-2026-23395-5e50@gregkh/"
      }
    ],
    "source_lang": "en-US",
    "title": "Linux Kernel: Mehrere Schwachstellen",
    "tracking": {
      "current_release_date": "2026-03-25T23:00:00.000+00:00",
      "generator": {
        "date": "2026-03-26T07:56:13.854+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.5.0"
        }
      },
      "id": "WID-SEC-W-2026-0861",
      "initial_release_date": "2026-03-24T23:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2026-03-24T23:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        },
        {
          "date": "2026-03-25T23:00:00.000+00:00",
          "number": "2",
          "summary": "Referenz(en) aufgenommen: EUVD-2026-15382, EUVD-2026-15378, EUVD-2026-15381, EUVD-2026-15376, EUVD-2026-15374, EUVD-2026-15372, EUVD-2026-15371, EUVD-2026-15367, EUVD-2026-15368, EUVD-2026-15363, EUVD-2026-15365, EUVD-2026-15362, EUVD-2026-15359, EUVD-2026-15357, EUVD-2026-15355, EUVD-2026-15353, EUVD-2026-15351, EUVD-2026-15350, EUVD-2026-15345, EUVD-2026-15343, EUVD-2026-15344, EUVD-2026-15342, EUVD-2026-15336, EUVD-2026-15340, EUVD-2026-15339, EUVD-2026-15334, EUVD-2026-15332, EUVD-2026-15330, EUVD-2026-15328, EUVD-2026-15325, EUVD-2026-15329, EUVD-2026-15321, EUVD-2026-15323, EUVD-2026-15319, EUVD-2026-15317, EUVD-2026-15313, EUVD-2026-15312, EUVD-2026-15311, EUVD-2026-15310, EUVD-2026-15309, EUVD-2026-15308, EUVD-2026-15305, EUVD-2026-15307, EUVD-2026-15304, EUVD-2026-15299, EUVD-2026-15298, EUVD-2026-15295, EUVD-2026-15293, EUVD-2026-15292, EUVD-2026-15289, EUVD-2026-15287, EUVD-2026-15285, EUVD-2026-15284, EUVD-2026-15279, EUVD-2026-15278, EUVD-2026-15277, EUVD-2026-15276, EUVD-2026-15272, EUVD-2026-15274, EUVD-2026-15271, EUVD-2026-15269, EUVD-2026-15267, EUVD-2026-15263, EUVD-2026-15261, EUVD-2026-15258, EUVD-2026-15256, EUVD-2026-15254, EUVD-2026-15253, EUVD-2026-15252, EUVD-2026-15251, EUVD-2026-15250, EUVD-2026-15245, EUVD-2026-15248, EUVD-2026-15242, EUVD-2026-15238, EUVD-2026-15240, EUVD-2026-15235, EUVD-2026-15236, EUVD-2026-15234, EUVD-2026-15231, EUVD-2026-15233, EUVD-2026-15227, EUVD-2026-15224, EUVD-2026-15225, EUVD-2026-15221, EUVD-2026-15220, EUVD-2026-15218, EUVD-2026-15219, EUVD-2026-15216, EUVD-2026-15215, EUVD-2026-15211, EUVD-2026-15206, EUVD-2026-15208, EUVD-2026-15204, EUVD-2026-15200, EUVD-2026-15203, EUVD-2026-15198, EUVD-2026-15366, EUVD-2026-15384, EUVD-2026-15387, EUVD-2026-15388, EUVD-2026-15390, EUVD-2026-15392, EUVD-2026-15393, EUVD-2026-15394, EUVD-2026-15396, EUVD-2026-15398, EUVD-2026-15281, EUVD-2026-15348, EUVD-2026-15391, EUVD-2026-15331, EUVD-2026-15315, EUVD-2026-15301, EUVD-2026-15264, EUVD-2026-15246, EUVD-2026-15230, EUVD-2026-15212"
        }
      ],
      "status": "final",
      "version": "2"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Open Source Linux Kernel",
            "product": {
              "name": "Open Source Linux Kernel",
              "product_id": "T028462",
              "product_identification_helper": {
                "cpe": "cpe:/o:linux:linux_kernel:unspecified"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Open Source"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2026-23279",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23279"
    },
    {
      "cve": "CVE-2026-23280",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23280"
    },
    {
      "cve": "CVE-2026-23281",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23281"
    },
    {
      "cve": "CVE-2026-23282",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23282"
    },
    {
      "cve": "CVE-2026-23283",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23283"
    },
    {
      "cve": "CVE-2026-23284",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23284"
    },
    {
      "cve": "CVE-2026-23285",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23285"
    },
    {
      "cve": "CVE-2026-23286",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23286"
    },
    {
      "cve": "CVE-2026-23287",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23287"
    },
    {
      "cve": "CVE-2026-23288",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23288"
    },
    {
      "cve": "CVE-2026-23289",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23289"
    },
    {
      "cve": "CVE-2026-23290",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23290"
    },
    {
      "cve": "CVE-2026-23291",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23291"
    },
    {
      "cve": "CVE-2026-23292",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23292"
    },
    {
      "cve": "CVE-2026-23293",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23293"
    },
    {
      "cve": "CVE-2026-23294",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23294"
    },
    {
      "cve": "CVE-2026-23295",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23295"
    },
    {
      "cve": "CVE-2026-23296",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23296"
    },
    {
      "cve": "CVE-2026-23297",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23297"
    },
    {
      "cve": "CVE-2026-23298",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23298"
    },
    {
      "cve": "CVE-2026-23299",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23299"
    },
    {
      "cve": "CVE-2026-23300",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23300"
    },
    {
      "cve": "CVE-2026-23301",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23301"
    },
    {
      "cve": "CVE-2026-23302",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23302"
    },
    {
      "cve": "CVE-2026-23303",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23303"
    },
    {
      "cve": "CVE-2026-23304",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23304"
    },
    {
      "cve": "CVE-2026-23305",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23305"
    },
    {
      "cve": "CVE-2026-23306",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23306"
    },
    {
      "cve": "CVE-2026-23307",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23307"
    },
    {
      "cve": "CVE-2026-23308",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23308"
    },
    {
      "cve": "CVE-2026-23309",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23309"
    },
    {
      "cve": "CVE-2026-23310",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23310"
    },
    {
      "cve": "CVE-2026-23311",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23311"
    },
    {
      "cve": "CVE-2026-23312",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23312"
    },
    {
      "cve": "CVE-2026-23313",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23313"
    },
    {
      "cve": "CVE-2026-23314",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23314"
    },
    {
      "cve": "CVE-2026-23315",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23315"
    },
    {
      "cve": "CVE-2026-23316",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23316"
    },
    {
      "cve": "CVE-2026-23317",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23317"
    },
    {
      "cve": "CVE-2026-23318",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23318"
    },
    {
      "cve": "CVE-2026-23319",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23319"
    },
    {
      "cve": "CVE-2026-23320",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23320"
    },
    {
      "cve": "CVE-2026-23321",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23321"
    },
    {
      "cve": "CVE-2026-23322",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23322"
    },
    {
      "cve": "CVE-2026-23323",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23323"
    },
    {
      "cve": "CVE-2026-23324",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23324"
    },
    {
      "cve": "CVE-2026-23325",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23325"
    },
    {
      "cve": "CVE-2026-23326",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23326"
    },
    {
      "cve": "CVE-2026-23327",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23327"
    },
    {
      "cve": "CVE-2026-23328",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23328"
    },
    {
      "cve": "CVE-2026-23329",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23329"
    },
    {
      "cve": "CVE-2026-23330",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23330"
    },
    {
      "cve": "CVE-2026-23331",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23331"
    },
    {
      "cve": "CVE-2026-23332",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23332"
    },
    {
      "cve": "CVE-2026-23333",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23333"
    },
    {
      "cve": "CVE-2026-23334",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23334"
    },
    {
      "cve": "CVE-2026-23335",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23335"
    },
    {
      "cve": "CVE-2026-23336",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23336"
    },
    {
      "cve": "CVE-2026-23337",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23337"
    },
    {
      "cve": "CVE-2026-23338",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23338"
    },
    {
      "cve": "CVE-2026-23339",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23339"
    },
    {
      "cve": "CVE-2026-23340",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23340"
    },
    {
      "cve": "CVE-2026-23341",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23341"
    },
    {
      "cve": "CVE-2026-23342",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23342"
    },
    {
      "cve": "CVE-2026-23343",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23343"
    },
    {
      "cve": "CVE-2026-23344",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23344"
    },
    {
      "cve": "CVE-2026-23345",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23345"
    },
    {
      "cve": "CVE-2026-23346",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23346"
    },
    {
      "cve": "CVE-2026-23347",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23347"
    },
    {
      "cve": "CVE-2026-23348",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23348"
    },
    {
      "cve": "CVE-2026-23349",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23349"
    },
    {
      "cve": "CVE-2026-23350",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23350"
    },
    {
      "cve": "CVE-2026-23351",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23351"
    },
    {
      "cve": "CVE-2026-23352",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23352"
    },
    {
      "cve": "CVE-2026-23353",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23353"
    },
    {
      "cve": "CVE-2026-23354",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23354"
    },
    {
      "cve": "CVE-2026-23355",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23355"
    },
    {
      "cve": "CVE-2026-23356",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23356"
    },
    {
      "cve": "CVE-2026-23357",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23357"
    },
    {
      "cve": "CVE-2026-23358",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23358"
    },
    {
      "cve": "CVE-2026-23359",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23359"
    },
    {
      "cve": "CVE-2026-23360",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23360"
    },
    {
      "cve": "CVE-2026-23361",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23361"
    },
    {
      "cve": "CVE-2026-23362",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23362"
    },
    {
      "cve": "CVE-2026-23363",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23363"
    },
    {
      "cve": "CVE-2026-23364",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23364"
    },
    {
      "cve": "CVE-2026-23365",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23365"
    },
    {
      "cve": "CVE-2026-23366",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23366"
    },
    {
      "cve": "CVE-2026-23367",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23367"
    },
    {
      "cve": "CVE-2026-23368",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23368"
    },
    {
      "cve": "CVE-2026-23369",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23369"
    },
    {
      "cve": "CVE-2026-23370",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23370"
    },
    {
      "cve": "CVE-2026-23371",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23371"
    },
    {
      "cve": "CVE-2026-23372",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23372"
    },
    {
      "cve": "CVE-2026-23373",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23373"
    },
    {
      "cve": "CVE-2026-23374",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23374"
    },
    {
      "cve": "CVE-2026-23375",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23375"
    },
    {
      "cve": "CVE-2026-23376",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23376"
    },
    {
      "cve": "CVE-2026-23377",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23377"
    },
    {
      "cve": "CVE-2026-23378",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23378"
    },
    {
      "cve": "CVE-2026-23379",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23379"
    },
    {
      "cve": "CVE-2026-23380",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23380"
    },
    {
      "cve": "CVE-2026-23381",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23381"
    },
    {
      "cve": "CVE-2026-23382",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23382"
    },
    {
      "cve": "CVE-2026-23383",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23383"
    },
    {
      "cve": "CVE-2026-23384",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23384"
    },
    {
      "cve": "CVE-2026-23385",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23385"
    },
    {
      "cve": "CVE-2026-23386",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23386"
    },
    {
      "cve": "CVE-2026-23387",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23387"
    },
    {
      "cve": "CVE-2026-23388",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23388"
    },
    {
      "cve": "CVE-2026-23389",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23389"
    },
    {
      "cve": "CVE-2026-23390",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23390"
    },
    {
      "cve": "CVE-2026-23391",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23391"
    },
    {
      "cve": "CVE-2026-23392",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23392"
    },
    {
      "cve": "CVE-2026-23393",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23393"
    },
    {
      "cve": "CVE-2026-23394",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23394"
    },
    {
      "cve": "CVE-2026-23395",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23395"
    }
  ]
}

GHSA-G792-JHJ8-228V

Vulnerability from github – Published: 2026-03-25 12:30 – Updated: 2026-03-25 12:30

Details

In the Linux kernel, the following vulnerability has been resolved:

netfilter: nf_tables: clone set on flush only

Syzbot with fault injection triggered a failing memory allocation with GFP_KERNEL which results in a WARN splat:

iter.err WARNING: net/netfilter/nf_tables_api.c:845 at nft_map_deactivate+0x34e/0x3c0 net/netfilter/nf_tables_api.c:845, CPU#0: syz.0.17/5992 Modules linked in: CPU: 0 UID: 0 PID: 5992 Comm: syz.0.17 Not tainted syzkaller #0 PREEMPT(full) Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 RIP: 0010:nft_map_deactivate+0x34e/0x3c0 net/netfilter/nf_tables_api.c:845 Code: 8b 05 86 5a 4e 09 48 3b 84 24 a0 00 00 00 75 62 48 8d 65 d8 5b 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc cc e8 63 6d fa f7 90 <0f> 0b 90 43 +80 7c 35 00 00 0f 85 23 fe ff ff e9 26 fe ff ff 89 d9 RSP: 0018:ffffc900045af780 EFLAGS: 00010293 RAX: ffffffff89ca45bd RBX: 00000000fffffff4 RCX: ffff888028111e40 RDX: 0000000000000000 RSI: 00000000fffffff4 RDI: 0000000000000000 RBP: ffffc900045af870 R08: 0000000000400dc0 R09: 00000000ffffffff R10: dffffc0000000000 R11: fffffbfff1d141db R12: ffffc900045af7e0 R13: 1ffff920008b5f24 R14: dffffc0000000000 R15: ffffc900045af920 FS: 000055557a6a5500(0000) GS:ffff888125496000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00007fb5ea271fc0 CR3: 000000003269e000 CR4: 00000000003526f0 Call Trace: __nft_release_table+0xceb/0x11f0 net/netfilter/nf_tables_api.c:12115 nft_rcv_nl_event+0xc25/0xdb0 net/netfilter/nf_tables_api.c:12187 notifier_call_chain+0x19d/0x3a0 kernel/notifier.c:85 blocking_notifier_call_chain+0x6a/0x90 kernel/notifier.c:380 netlink_release+0x123b/0x1ad0 net/netlink/af_netlink.c:761 __sock_release net/socket.c:662 [inline] sock_close+0xc3/0x240 net/socket.c:1455

Restrict set clone to the flush set command in the preparation phase. Add NFT_ITER_UPDATE_CLONE and use it for this purpose, update the rbtree and pipapo backends to only clone the set when this iteration type is used.

As for the existing NFT_ITER_UPDATE type, update the pipapo backend to use the existing set clone if available, otherwise use the existing set representation. After this update, there is no need to clone a set that is being deleted, this includes bound anonymous set.

An alternative approach to NFT_ITER_UPDATE_CLONE is to add a .clone interface and call it from the flush set path.

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2026-23385"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-03-25T11:16:38Z",
    "severity": null
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_tables: clone set on flush only\n\nSyzbot with fault injection triggered a failing memory allocation with\nGFP_KERNEL which results in a WARN splat:\n\niter.err\nWARNING: net/netfilter/nf_tables_api.c:845 at nft_map_deactivate+0x34e/0x3c0 net/netfilter/nf_tables_api.c:845, CPU#0: syz.0.17/5992\nModules linked in:\nCPU: 0 UID: 0 PID: 5992 Comm: syz.0.17 Not tainted syzkaller #0 PREEMPT(full)\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026\nRIP: 0010:nft_map_deactivate+0x34e/0x3c0 net/netfilter/nf_tables_api.c:845\nCode: 8b 05 86 5a 4e 09 48 3b 84 24 a0 00 00 00 75 62 48 8d 65 d8 5b 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc cc e8 63 6d fa f7 90 \u003c0f\u003e 0b 90 43\n+80 7c 35 00 00 0f 85 23 fe ff ff e9 26 fe ff ff 89 d9\nRSP: 0018:ffffc900045af780 EFLAGS: 00010293\nRAX: ffffffff89ca45bd RBX: 00000000fffffff4 RCX: ffff888028111e40\nRDX: 0000000000000000 RSI: 00000000fffffff4 RDI: 0000000000000000\nRBP: ffffc900045af870 R08: 0000000000400dc0 R09: 00000000ffffffff\nR10: dffffc0000000000 R11: fffffbfff1d141db R12: ffffc900045af7e0\nR13: 1ffff920008b5f24 R14: dffffc0000000000 R15: ffffc900045af920\nFS:  000055557a6a5500(0000) GS:ffff888125496000(0000) knlGS:0000000000000000\nCS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007fb5ea271fc0 CR3: 000000003269e000 CR4: 00000000003526f0\nCall Trace:\n \u003cTASK\u003e\n __nft_release_table+0xceb/0x11f0 net/netfilter/nf_tables_api.c:12115\n nft_rcv_nl_event+0xc25/0xdb0 net/netfilter/nf_tables_api.c:12187\n notifier_call_chain+0x19d/0x3a0 kernel/notifier.c:85\n blocking_notifier_call_chain+0x6a/0x90 kernel/notifier.c:380\n netlink_release+0x123b/0x1ad0 net/netlink/af_netlink.c:761\n __sock_release net/socket.c:662 [inline]\n sock_close+0xc3/0x240 net/socket.c:1455\n\nRestrict set clone to the flush set command in the preparation phase.\nAdd NFT_ITER_UPDATE_CLONE and use it for this purpose, update the rbtree\nand pipapo backends to only clone the set when this iteration type is\nused.\n\nAs for the existing NFT_ITER_UPDATE type, update the pipapo backend to\nuse the existing set clone if available, otherwise use the existing set\nrepresentation. After this update, there is no need to clone a set that\nis being deleted, this includes bound anonymous set.\n\nAn alternative approach to NFT_ITER_UPDATE_CLONE is to add a .clone\ninterface and call it from the flush set path.",
  "id": "GHSA-g792-jhj8-228v",
  "modified": "2026-03-25T12:30:24Z",
  "published": "2026-03-25T12:30:24Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-23385"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/9154945a6394029822bd08c24cef5a3f86d0424a"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/b7f67282ca2be14b727dd698b50e10cf5d8c66f9"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/fb7fb4016300ac622c964069e286dc83166a5d52"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2026-23385 (GCVE-0-2026-23385)

FKIE_CVE-2026-23385

WID-SEC-W-2026-0861

GHSA-G792-JHJ8-228V

Tags

Sightings

Nomenclature