Description

In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_conntrack_h323: check for zero length in DecodeQ931() In DecodeQ931(), the UserUserIE code path reads a 16-bit length from the packet, then decrements it by 1 to skip the protocol discriminator byte before passing it to DecodeH323_UserInformation(). If the encoded length is 0, the decrement wraps to -1, which is then passed as a large value to the decoder, leading to an out-of-bounds read. Add a check to ensure len is positive after the decrement.

INFO

Published Date :

2026-04-03T15:15:36.869Z

Last Modified :

2026-04-03T15:15:36.869Z

Source :

Linux
AFFECTED PRODUCTS

The following products are affected by CVE-2026-23455 vulnerability.

Vendors Products
Linux
  • Linux Kernel
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2026-23455.

URL Resource
https://git.kernel.org/stable/c/495e97af9e7249ee02b72bb1d0848a6efc3700f4 cve-icon cve-icon
https://git.kernel.org/stable/c/633e8f87dad32263f6a57dccdb873f042c062111 cve-icon cve-icon
https://git.kernel.org/stable/c/9d00fe7d6d7c5b5f1065a6e042b54f2e44bd6df8 cve-icon cve-icon
https://git.kernel.org/stable/c/b652b05d51003ac074b912684f9ec7486231717b cve-icon cve-icon
https://git.kernel.org/stable/c/f173d0f4c0f689173f8cdac79991043a4a89bf66 cve-icon cve-icon
https://git.kernel.org/stable/c/f5e4f4e4cdb75ec36802059a94195a31f193da60 cve-icon cve-icon
https://lore.kernel.org/linux-cve-announce/2026040317-CVE-2026-23455-f045@gregkh/T cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2026-23455 cve-icon
https://www.cve.org/CVERecord?id=CVE-2026-23455 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact