#VU124464 Function Call with Incorrectly Specified Arguments in Linux kernel - CVE-2026-23379
Published: March 25, 2026
Vulnerability identifier: #VU124464
Vulnerability risk: Low
CVSSv4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2026-23379
CWE-ID: CWE-628
Exploitation vector: Local access
Exploit availability:
No public exploit available
Vulnerable software:
Linux kernel
Linux kernel
Software vendor:
Linux Foundation
Linux Foundation
Description
The vulnerability allows a local user to cause a denial of service.
The vulnerability exists due to improper input validation in the ets_offload_change function when handling traffic control (tc) commands for ETS qdisc offloading. A local user can send a specially crafted request to trigger a divide-by-zero error, leading to a kernel oops and system crash.
The issue arises from unsigned 32-bit integer overflows in 'q_sum' and 'q_psum' variables during WRR weight computation, which can result in division by zero in the offload path.
Remediation
Install security update from vendor's repository.
External links
- https://git.kernel.org/stable/c/3912871344d6a0f1f572a7af2716968182d1e536
- https://git.kernel.org/stable/c/78b8d2f55a564236435649fbd8bd6a103f30acf5
- https://git.kernel.org/stable/c/7dbffffd5761687e168fb2f4aaa7a2c47e067efc
- https://git.kernel.org/stable/c/a6677e23b313cd9fd03690c589c6452cb6fffb97
- https://git.kernel.org/stable/c/abe1d5cb7fe135c0862c58db32bc29e04cf1c906
- https://git.kernel.org/stable/c/e35626f610f3d2b7953ccddf6a77453da22b3a9e