CVE-2026-23302
MEDIUMnet: annotate data-races around sk->sk_{data_ready,write_space}
Title source: cnaDescription
In the Linux kernel, the following vulnerability has been resolved: net: annotate data-races around sk->sk_{data_ready,write_space} skmsg (and probably other layers) are changing these pointers while other cpus might read them concurrently. Add corresponding READ_ONCE()/WRITE_ONCE() annotations for UDP, TCP and AF_UNIX.
References (6)
Core 6
Core References
Scores
CVSS v3
4.7
EPSS
0.0009
EPSS Percentile
0.6%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
Details
CWE
CWE-362
Status
published
Products (23)
linux/Kernel
4.20.0 - 6.1.177linux
linux/Kernel
4.20.0 - 6.18.17linux
linux/Kernel
6.13.0 - 6.18.17linux
linux/Kernel
6.19.0 - 6.19.7linux
linux/Kernel
6.2.0 - 6.6.136linux
linux/Kernel
6.7.0 - 6.12.82linux
Linux/Linux
< 4.20
Linux/Linux
4.20
Linux/Linux
6.1.177 - 6.1.*
Linux/Linux
6.12.82 - 6.12.*
... and 13 more
Published
Mar 25, 2026
Tracked Since
Mar 25, 2026