#VU124857 Use-after-free in Linux kernel - CVE-2026-23413
Published: April 3, 2026
Vulnerability identifier: #VU124857
Vulnerability risk: Low
CVSSv4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2026-23413
CWE-ID: CWE-416
Exploitation vector: Local access
Exploit availability:
No public exploit available
Vulnerable software:
Linux kernel
Linux kernel
Software vendor:
Linux Foundation
Linux Foundation
Description
The vulnerability allows a local attacker to cause a denial of service.
The vulnerability exists due to use-after-free in the clsact qdisc when handling init and destroy rollback after a replacement failure. A local attacker can trigger a replacement failure during clsact initialization to cause a denial of service.
The issue occurs because ingress may be initialized before egress initialization fails, after which destroy logic can operate on stale state from the previous clsact instance.
Remediation
Install security update from vendor's repository.
External links
- https://git.kernel.org/stable/c/0509b762bc5e8ea7b8391130730c6d8502fc6e69
- https://git.kernel.org/stable/c/37bef86e5428d59f70a4da82b80f9a8f252fecbe
- https://git.kernel.org/stable/c/4c9af67f99aa3e51b522c54968ab3ac8272be41c
- https://git.kernel.org/stable/c/a0671125d4f55e1e98d9bde8a0b671941987e208
- https://git.kernel.org/stable/c/a73d95b57bf9faebdfed591bcb7ed9292062a84c