CVE-2026-23302

MEDIUM

net: annotate data-races around sk->sk_{data_ready,write_space}

Title source: cna
STIX 2.1

Description

In the Linux kernel, the following vulnerability has been resolved: net: annotate data-races around sk->sk_{data_ready,write_space} skmsg (and probably other layers) are changing these pointers while other cpus might read them concurrently. Add corresponding READ_ONCE()/WRITE_ONCE() annotations for UDP, TCP and AF_UNIX.

Scores

CVSS v3 4.7
EPSS 0.0009
EPSS Percentile 0.6%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

Details

CWE
CWE-362
Status published
Products (23)
linux/Kernel 4.20.0 - 6.1.177linux
linux/Kernel 4.20.0 - 6.18.17linux
linux/Kernel 6.13.0 - 6.18.17linux
linux/Kernel 6.19.0 - 6.19.7linux
linux/Kernel 6.2.0 - 6.6.136linux
linux/Kernel 6.7.0 - 6.12.82linux
Linux/Linux < 4.20
Linux/Linux 4.20
Linux/Linux 6.1.177 - 6.1.*
Linux/Linux 6.12.82 - 6.12.*
... and 13 more
Published Mar 25, 2026
Tracked Since Mar 25, 2026