4.7

CVE-2026-23302

net: annotate data-races around sk->sk_{data_ready,write_space}

In the Linux kernel, the following vulnerability has been resolved:

net: annotate data-races around sk->sk_{data_ready,write_space}

skmsg (and probably other layers) are changing these pointers
while other cpus might read them concurrently.

Add corresponding READ_ONCE()/WRITE_ONCE() annotations
for UDP, TCP and AF_UNIX.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 4.20 < 6.6.136
LinuxLinux Kernel Version >= 6.7 < 6.12.82
LinuxLinux Kernel Version >= 6.13 < 6.18.17
LinuxLinux Kernel Version >= 6.19 < 6.19.7
LinuxLinux Kernel Version7.0 Updaterc1
LinuxLinux Kernel Version7.0 Updaterc2
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.09% 0.006
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 4.7 1 3.6
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE-362 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

The product contains a concurrent code sequence that requires temporary, exclusive access to a shared resource, but a timing window exists in which the shared resource can be modified by another code sequence operating concurrently.

https://git.kernel.org/stable/c/f17c1c4acbe2bd702abce73a847a04a196fab2c5
Patch
https://git.kernel.org/stable/c/27fccdbcbbfc4651b6f66756e6fa3f52e051ec23
Patch
https://git.kernel.org/stable/c/2ef2b20cf4e04ac8a6ba68493f8780776ff84300
Patch
https://git.kernel.org/stable/c/c494448bb522bbbb63096540eb2319101a0480ab
Patch
https://git.kernel.org/stable/c/7ad01905831c815520f1b0486336a03bb7420465
Patch
https://git.kernel.org/stable/c/279f2b67d1c44ee139bd3fdb221850daa9358449