Skip to main content

Linux CVE-2026-23083

HIGH
2026-02-04 416baaa9-dc9f-4396-8d5f-8c081fb06d67
7.8
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
7.8 HIGH
AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
SUSE
HIGH
qualitative

Primary rating from NVD.

CVSS VectorNVD

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

3
Patch released
Apr 09, 2026 - 20:30 nvd
Patch available
Analysis Generated
Mar 12, 2026 - 21:54 vuln.today
CVE Published
Feb 04, 2026 - 17:16 nvd
HIGH 7.8

DescriptionNVD

In the Linux kernel, the following vulnerability has been resolved:

fou: Don't allow 0 for FOU_ATTR_IPPROTO.

fou_udp_recv() has the same problem mentioned in the previous patch.

If FOU_ATTR_IPPROTO is set to 0, skb is not freed by fou_udp_recv() nor "resubmit"-ted in ip_protocol_deliver_rcu().

Let's forbid 0 for FOU_ATTR_IPPROTO.

AnalysisAI

Local privilege escalation in the Linux kernel's FOU (Foo-over-UDP) tunnel implementation allows authenticated local users to trigger a memory leak and denial of service by setting the FOU_ATTR_IPPROTO attribute to zero, causing network packets to remain unfreed in memory. This vulnerability affects all Linux systems with the vulnerable kernel code and requires local access to exploit. No patch is currently available for this high-severity issue.

Technical ContextAI

In the Linux kernel, the following vulnerability has been resolved:

fou: Don't allow 0 for FOU_ATTR_IPPROTO.

fou_udp_recv() has the same problem mentioned in the previous patch.

If FOU_ATTR_IPPROTO is set to 0, skb is not freed by fou_udp_recv() nor "resubmit"-ted in ip_protocol_deliver_rcu().

Let's forbid 0 for FOU_ATTR_IPPROTO.

RemediationAI

Monitor vendor advisories for a patch.

Vendor StatusVendor

SUSE

Severity: High
Product Status
Container suse/sl-micro/6.0/base-os-container:2.1.3-7.105 Affected
Container suse/sl-micro/6.0/kvm-os-container:2.1.3-6.124 Affected
Container suse/sl-micro/6.0/rt-os-container:2.1.3-7.146 Affected
Container suse/sl-micro/6.1/baremetal-os-container:2.2.1-7.67 Affected
Container suse/sl-micro/6.1/base-os-container:2.2.1-5.90 Affected

Share

CVE-2026-23083 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy