CVE-2026-23284

MEDIUM

net: ethernet: mtk_eth_soc: Reset prog ptr to old_prog in case of error in mtk_xdp_setup()

Title source: cna

Description

In the Linux kernel, the following vulnerability has been resolved: net: ethernet: mtk_eth_soc: Reset prog ptr to old_prog in case of error in mtk_xdp_setup() Reset eBPF program pointer to old_prog and do not decrease its ref-count if mtk_open routine in mtk_xdp_setup() fails.

References (6)

Core 6

Core References

https://git.kernel.org/stable/c/8c2d76a9658a4dbfcf02f2693a97e2d5ff42197a

https://git.kernel.org/stable/c/29629dd7d37349e9fb605375a75de44ac8926ea9

https://git.kernel.org/stable/c/b73dfe1ea7be7a072482434643b517d7726f4c8d

https://git.kernel.org/stable/c/6f95b59520278a72df9905db791b7ea31375fbc1

https://git.kernel.org/stable/c/ff14cd44c85c20ad69479db73698185de291550c

https://git.kernel.org/stable/c/0abc73c8a40fd64ac1739c90bb4f42c418d27a5e

Scores

CVSS v3 5.5

EPSS 0.0001

EPSS Percentile 3.4%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Details

Status published

Products (22)

linux/Kernel 6.0.0 - 6.1.167linux

linux/Kernel 6.13.0 - 6.18.17linux

linux/Kernel 6.19.0 - 6.19.7linux

linux/Kernel 6.2.0 - 6.6.130linux

linux/Kernel 6.7.0 - 6.12.77linux

Linux/Linux < 6.0

Linux/Linux 6.0

Linux/Linux 6.1.167 - 6.1.*

Linux/Linux 6.12.77 - 6.12.*

Linux/Linux 6.18.17 - 6.18.*

... and 12 more

Published Mar 25, 2026

Tracked Since Mar 25, 2026