Description

In the Linux kernel, the following vulnerability has been resolved: macvlan: fix possible UAF in macvlan_forward_source() Add RCU protection on (struct macvlan_source_entry)->vlan. Whenever macvlan_hash_del_source() is called, we must clear entry->vlan pointer before RCU grace period starts. This allows macvlan_forward_source() to skip over entries queued for freeing. Note that macvlan_dev are already RCU protected, as they are embedded in a standard netdev (netdev_priv(ndev)). https: //lore.kernel.org/netdev/[email protected]/T/#u

INFO

Published Date :

2026-01-25T14:36:15.790Z

Last Modified :

2026-02-09T08:36:53.776Z

Source :

Linux
AFFECTED PRODUCTS

The following products are affected by CVE-2026-23001 vulnerability.

Vendors Products
Linux
  • Linux Kernel
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2026-23001.

URL Resource
https://git.kernel.org/stable/c/15f6faf36e162532bec5cc05eb3fc622108bf2ed cve-icon cve-icon
https://git.kernel.org/stable/c/232afc74a6dde0fe1830988e5827921f5ec9bb3f cve-icon cve-icon
https://git.kernel.org/stable/c/484919832e2db6ce1e8add92c469e5d459a516b5 cve-icon cve-icon
https://git.kernel.org/stable/c/6dbead9c7677186f22b7981dd085a0feec1f038e cve-icon cve-icon
https://git.kernel.org/stable/c/7470a7a63dc162f07c26dbf960e41ee1e248d80e cve-icon cve-icon
https://git.kernel.org/stable/c/8133e85b8a3ec9f10d861e0002ec6037256e987e cve-icon cve-icon
https://git.kernel.org/stable/c/8518712a2ca952d6da2238c6f0a16b4ae5ea3f13 cve-icon cve-icon
https://lore.kernel.org/linux-cve-announce/2026012534-CVE-2026-23001-7ab0@gregkh/T cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2026-23001 cve-icon
https://www.cve.org/CVERecord?id=CVE-2026-23001 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact