CVE-2026-23204

HIGH

Moderate: Red Hat Security Advisory: kernel security update

Details

CVSS v3: 7.1
NVD published: 2026-02-14 17:15:58
EPSS: <0.1% probability · 3.3th percentile — 2026-03-29
Affected versions: cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:2.6.35:-:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:2.6.35:rc2:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:2.6.35:rc3:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:2.6.35:rc4:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:2.6.35:rc5:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:2.6.35:rc6:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:6.19:rc1:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:6.19:rc2:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:6.19:rc3:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:6.19:rc4:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:6.19:rc5:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:6.19:rc6:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:6.19:rc7:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:6.19:rc8:*:*:*:*:*:*
Summary: In the Linux kernel, the following vulnerability has been resolved: net/sched: cls_u32: use skb_header_pointer_careful() skb_header_pointer() does not fully validate negative @offset values. Use skb_header_pointer_careful() instead. GangMin Kim provided a report and a repro fooling u32_classify(): BUG: KASAN: slab-out-of-bounds in u32_classify+0x1180/0x11b0 net/sched/cls_u32.c:221
Remediation: Not available in our cache.
Exploit info: Not available in our cache.

TopVuln sends digest emails with high-risk CVE picks across multiple authoritative sources—curated with EPSS and AI. Choose daily per-stream emails and optional weekly or monthly roundups.

Subscribe — free email digest or paid plan

Information is aggregated from multiple authoritative sources for convenience; verify with NVD and vendors before operational decisions.