#VU124463 Out-of-bounds write in Linux kernel - CVE-2026-23378

 


Published: March 25, 2026


Vulnerability identifier: #VU124463
Vulnerability risk: Low
CVSSv4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2026-23378
CWE-ID: CWE-787
Exploitation vector: Local access
Exploit availability: No public exploit available
Vulnerable software: Linux kernel
Software vendor: Linux Foundation

Description

The vulnerability allows a local user to execute arbitrary code or cause a denial of service.

The vulnerability exists due to improper memory access in the net/sched: act_ife component when updating metadata lists during packet processing. A local user can send a specially crafted request to trigger an out-of-bounds memory write via the ife_tlv_meta_encode function.

Exploitation requires the ability to configure or trigger traffic control (tc) actions within the kernel, which is typically available to local users with sufficient privileges to manipulate network scheduling policies.
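Because the flaw is only reachable through tc `ife` actions, a host's current exposure can be triaged by checking whether the act_ife code is present and whether any ife action is configured. The script below is an added example, not part of the advisory or of any vendor tooling; the function names and the sample inputs are constructed for illustration.

```shell
#!/bin/sh
# Added example: triage exposure to the act_ife tc action on one host.
# All three helpers read text on stdin so they can be tested offline.

# True if act_ife is listed as a loaded module (/proc/modules format).
ife_module_loaded() { grep -q '^act_ife '; }

# True if act_ife is compiled into the kernel (modules.builtin format).
ife_builtin() { grep -q '/act_ife\.ko$'; }

# Count ife actions in the output of `tc actions ls action ife`.
count_ife_actions() { grep -Ec 'action order [0-9]+: ife ' || true; }

# Classify the host.
#   $1 = contents of /proc/modules
#   $2 = contents of /lib/modules/<release>/modules.builtin
#   $3 = output of `tc actions ls action ife`
# Prints "active:<n>" (ife actions configured), "available" (code present,
# no actions) or "not-loaded". "not-loaded" is a point-in-time state only:
# the kernel can load act_ife on demand when an ife action is created.
ife_exposure() {
    n=$(printf '%s\n' "$3" | count_ife_actions)
    if [ "$n" -gt 0 ]; then
        echo "active:$n"
    elif printf '%s\n' "$1" | ife_module_loaded ||
         printf '%s\n' "$2" | ife_builtin; then
        echo "available"
    else
        echo "not-loaded"
    fi
}

# Constructed sample inputs (not captured from a real host).
SAMPLE_MODULES='act_ife 20480 1 - Live 0x0000000000000000
sch_ingress 16384 1 - Live 0x0000000000000000'
SAMPLE_TC='total acts 1

	action order 0: ife encode action pipe type 0xED3E
	 allow mark
	 index 1 ref 1 bind 0'

ife_exposure "$SAMPLE_MODULES" "" "$SAMPLE_TC"

# Live use (tc lists only the current network namespace):
# ife_exposure "$(cat /proc/modules)" \
#     "$(cat "/lib/modules/$(uname -r)/modules.builtin")" \
#     "$(tc actions ls action ife 2>/dev/null)"
```

Hosts reporting `active` or `available` are the ones to prioritise for the kernel update.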


Remediation

Install the security update from the vendor's repository.
