CVE-2026-23302

ANALYSIS PENDING

net: annotate data-races around sk->sk_{data_ready,write_space}

Title source: cna

Description

In the Linux kernel, the following vulnerability has been resolved: net: annotate data-races around sk->sk_{data_ready,write_space} skmsg (and probably other layers) are changing these pointers while other cpus might read them concurrently. Add corresponding READ_ONCE()/WRITE_ONCE() annotations for UDP, TCP and AF_UNIX.

References (5)

Core 5

Core References

https://git.kernel.org/stable/c/7ad01905831c815520f1b0486336a03bb7420465

https://git.kernel.org/stable/c/c494448bb522bbbb63096540eb2319101a0480ab

https://git.kernel.org/stable/c/f17c1c4acbe2bd702abce73a847a04a196fab2c5

https://git.kernel.org/stable/c/27fccdbcbbfc4651b6f66756e6fa3f52e051ec23

https://git.kernel.org/stable/c/2ef2b20cf4e04ac8a6ba68493f8780776ff84300

Scores

EPSS 0.0003

EPSS Percentile 7.6%

Details

Status published

Products (15)

linux/Kernel 4.20.0 - 6.18.17linux

linux/Kernel 6.19.0 - 6.19.7linux

Linux/Linux < 4.20

Linux/Linux 4.20

Linux/Linux 6.12.82 - 6.12.*

Linux/Linux 6.18.17 - 6.18.*

Linux/Linux 6.19.7 - 6.19.*

Linux/Linux 6.6.136 - 6.6.*

Linux/Linux 604326b41a6fb9b4a78b6179335decee0365cd8c - 27fccdbcbbfc4651b6f66756e6fa3f52e051ec23

Linux/Linux 604326b41a6fb9b4a78b6179335decee0365cd8c - 2ef2b20cf4e04ac8a6ba68493f8780776ff84300

... and 5 more

Published Mar 25, 2026

Tracked Since Mar 25, 2026