#VU124514 Resource exhaustion in Linux kernel - CVE-2026-23331

 


Published: March 25, 2026


Vulnerability identifier: #VU124514
Vulnerability risk: Low
CVSSv4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2026-23331
CWE-ID: CWE-400
Exploitation vector: Local access
Exploit availability: No public exploit available
Vulnerable software: Linux kernel
Software vendor: Linux Foundation

Description

The vulnerability allows a local user to cause a denial of service.

The vulnerability exists due to improper resource management in the UDP protocol implementation when disconnecting a connected UDP socket that was bound to a non-zero port. A local user can create and manipulate a UDP socket by binding it to a wildcard address with a specific port, connecting it to a remote address, and then disconnecting it, which triggers improper handling during rehashing and leaves stale entries in the 4-tuple hash table, leading to resource leakage.

Successful exploitation may result in gradual depletion of kernel resources, potentially leading to system instability or denial of service.


Remediation

Install the security update from the vendor's repository.
