Skip to main content

Linux CVE-2026-23284

| EUVDEUVD-2026-15208 MEDIUM
2026-03-25 Linux GHSA-qgrv-hh4h-p235
5.5
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
5.5 MEDIUM
AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
SUSE
6.4 MEDIUM
AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

Primary rating from NVD.

CVSS VectorNVD

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High

Lifecycle Timeline

5
CVSS changed
May 22, 2026 - 00:22 NVD
5.5 (MEDIUM)
Patch released
Mar 31, 2026 - 21:13 nvd
Patch available
EUVD ID Assigned
Mar 25, 2026 - 10:45 euvd
EUVD-2026-15208
Analysis Generated
Mar 25, 2026 - 10:45 vuln.today
CVE Published
Mar 25, 2026 - 10:26 nvd
N/A

DescriptionNVD

In the Linux kernel, the following vulnerability has been resolved:

net: ethernet: mtk_eth_soc: Reset prog ptr to old_prog in case of error in mtk_xdp_setup()

Reset eBPF program pointer to old_prog and do not decrease its ref-count if mtk_open routine in mtk_xdp_setup() fails.

AnalysisAI

This vulnerability exists in the Linux kernel's MediaTek Ethernet driver (mtk_eth_soc) where an eBPF program pointer is not properly reset to its previous state if the mtk_xdp_setup() function encounters an error during the mtk_open routine. This resource management flaw can lead to incorrect reference counting of eBPF programs, potentially causing use-after-free or memory leak conditions. All Linux kernel versions with the affected MediaTek Ethernet driver (cpe:2.3:a:linux:linux) are impacted, and the vulnerability has been patched across multiple stable kernel branches as evidenced by six commit references spanning different kernel versions.

Technical ContextAI

The vulnerability resides in the MediaTek Ethernet SoC driver (mtk_eth_soc) within the Linux kernel's networking subsystem. The mtk_xdp_setup() function handles the loading and configuration of eBPF (extended Berkeley Packet Filter) programs for XDP (eXpress Data Path) offloading on MediaTek network interfaces. When the function fails partway through execution (specifically during the mtk_open call), the code neglects to revert the eBPF program pointer to the previously active program (old_prog) and fails to decrement its reference count appropriately. This violates proper reference counting semantics and kernel resource management protocols. The affected CPE (cpe:2.3:a:linux:linux:*:*:*:*:*:*:*:*) indicates the Linux kernel itself is the affected product. While no explicit CWE is listed in the intelligence data, this pattern matches CWE-416 (Use After Free) and CWE-770 (Allocation of Resources Without Limits or Throttling) in terms of improper resource lifecycle management.

RemediationAI

Apply the Linux kernel security patch by upgrading to a kernel version containing one of the six commits referenced in the stable kernel branches (8c2d76a9658a4dbfcf02f2693a97e2d5ff42197a, 29629dd7d37349e9fb605375a75de44ac8926ea9, b73dfe1ea7be7a072482434643b517d7726f4c8d, 6f95b59520278a72df9905db791b7ea31375fbc1, ff14cd44c85c20ad69479db73698185de291550c, or 0abc73c8a40fd64ac1739c90bb4f42c418d27a5e) via https://git.kernel.org/stable/. Most major Linux distributions (Ubuntu, Debian, Red Hat, SUSE, etc.) have back-ported this fix into their respective stable kernel updates; check your distribution's security advisories and apply kernel updates through your package manager. If immediate patching is not possible, restrict access to systems running MediaTek Ethernet hardware and disable XDP program loading on affected interfaces until the kernel can be updated. Systems without MediaTek Ethernet NICs are not vulnerable and require no action.

Vendor StatusVendor

Debian

linux
Release Status Fixed Version Urgency
bullseye not-affected - -
bullseye (security) fixed 5.10.251-1 -
bookworm vulnerable 6.1.159-1 -
bookworm (security) vulnerable 6.1.164-1 -
trixie vulnerable 6.12.73-1 -
trixie (security) vulnerable 6.12.74-2 -
forky, sid fixed 6.19.8-1 -
(unstable) fixed 6.19.8-1 -

SUSE

Severity: Medium
Product Status
SUSE Linux Enterprise Desktop 15 SP7 Fixed
SUSE Linux Enterprise Desktop 15 SP7 Fixed
SUSE Linux Enterprise High Availability Extension 15 SP7 Fixed
SUSE Linux Enterprise High Availability Extension 15 SP7 Fixed
SUSE Linux Enterprise High Performance Computing 15 SP7 Fixed

Share

CVE-2026-23284 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy