Vulnerability Lookup

🛡️ CVE-2026-23359

🟠 CVSS 7.8 — High ✅ No Known Exploit NVD

7.8

CVSS Score

0 Low4 Medium7 High9 Critical10

Description

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix stack-out-of-bounds write in devmap get_upper_ifindexes() iterates over all upper devices and writes their indices into an array without checking bounds. Also the callers assume that the max number of upper devices is MAX_NEST_DEV and allocate excluded_devices[1+MAX_NEST_DEV] on the stack, but that assumption is not correct and the number of upper devices could be larger than MAX_NEST_DEV (e.g., many macvlans), causing a stack-out-of-bounds write. Add a max parameter to get_upper_ifindexes() to avoid the issue. When there are too many upper devices, return -EOVERFLOW and abort the redirect. To reproduce, create more than MAX_NEST_DEV(8) macvlans on a device with an XDP program attached using BPF_F_BROADCAST | BPF_F_EXCLUDE_INGRESS. Then send a packet to the device to trigger the XDP redirect path.

Details

Severity High

CVSS Score 7.8

CVSS Vector CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE N/A

Public Exploit ✅ No

Source NVD

Published 2026-03-25

Updated 2026-06-11

Modified 2026-06-10

Fix URL https://git.kernel.org/stable/c/5000e40acc8d0c36ab709662e32120986ac22e7e

Affected Packages

Software	From version	Fixed in
kernel	6.19.0	6.19.7
linux-kernel	—	—

References

PACKAGE https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

WEB https://git.kernel.org/stable/c/5000e40acc8d0c36ab709662e32120986ac22e7e

WEB https://git.kernel.org/stable/c/75d474702b2ba8b6bcb26eb3004dbc5e95ffd5d2

WEB https://git.kernel.org/stable/c/8a95fb9df1105b1618872c2846a6c01e3ba20b45

WEB https://git.kernel.org/stable/c/b7bf516c3ecd9a2aae2dc2635178ab87b734fef1

WEB https://git.kernel.org/stable/c/ca831567908fd3f73cf97d8a6c09a5054697a182

WEB https://git.kernel.org/stable/c/d2c31d8e03d05edc16656e5ffe187f0d1da763d7

ADVISORY https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/23xxx/CVE-2026-23359.json

ADVISORY https://nvd.nist.gov/vuln/detail/CVE-2026-23359

🔗 NVD 🔗 Mitre ✅ Fix / Advisory

Similar Threats

Unknown ALSA-2023:2458
Unknown ALSA-2023:1703
Unknown ALSA-2023:1566
Unknown ALSA-2023:1470
Unknown ALSA-2023:0951

Free Vulnerability Check

Is your WordPress site affected?

BotEraser helps you identify potentially vulnerable plugins and themes by checking your installation against known CVE records.

Scan My Site Free →

No credit card required · Results in minutes

ⓘ Data Notice: The information presented above has been compiled from publicly available internet sources. Boteraser aggregates this data solely for informational purposes and does not independently classify, evaluate, or endorse any findings about the vulnerabilities listed. The accuracy and completeness of this information is the sole responsibility of the original publishers. Boteraser and its operators accept no liability for any decisions made based on this data.

Is your WordPress site affected?

Company

Resources

Services

Trusted

Subscribe