5.5

CVE-2026-23436

net: shaper: protect from late creation of hierarchy

In the Linux kernel, the following vulnerability has been resolved:

net: shaper: protect from late creation of hierarchy

We look up a netdev during prep of Netlink ops (pre- callbacks)
and take a ref to it. Then later in the body of the callback
we take its lock or RCU which are the actual protections.

The netdev may get unregistered in between the time we take
the ref and the time we lock it. We may allocate the hierarchy
after flush has already run, which would lead to a leak.

Take the instance lock in pre- already, this saves us from the race
and removes the need for dedicated lock/unlock callbacks completely.
After all, if there's any chance of write happening concurrently
with the flush - we're back to leaking the hierarchy.

We may take the lock for devices which don't support shapers but
we're only dealing with SET operations here, not taking the lock
would be optimizing for an error case.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 6.13.1 < 6.18.20
LinuxLinux Kernel Version >= 6.19 < 6.19.10
LinuxLinux Kernel Version6.13 Update-
LinuxLinux Kernel Version7.0 Updaterc1
LinuxLinux Kernel Version7.0 Updaterc2
LinuxLinux Kernel Version7.0 Updaterc3
LinuxLinux Kernel Version7.0 Updaterc4
LinuxLinux Kernel Version7.0 Updaterc5
LinuxLinux Kernel Version7.0 Updaterc6
LinuxLinux Kernel Version7.0 Updaterc7
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.12% 0.022
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Es wurden noch keine Informationen zu CWE veröffentlicht.
https://git.kernel.org/stable/c/719f6784f918f9e32f3ff3b197f900e852223f9d
Patch
https://git.kernel.org/stable/c/d22921727023e7852704965e935f4d1fc83a5ec9
Patch
https://git.kernel.org/stable/c/d75ec7e8ba1979a1eb0b9211d94d749cdce849c8
Patch