CVE-2026-23054
Published: Feb 4, 2026
Modified: May 11, 2026
Description
In the Linux kernel, the following vulnerability has been resolved: net: hv_netvsc: reject RSS hash key programming without RX indirection table RSS configuration requires a valid RX indirection table. When the device reports a single receive queue, rndis_filter_device_add() does not allocate an indirection table, accepting RSS hash key updates in this state leads to a hang. Fix this by gating netvsc_set_rxfh() on ndc->rx_table_sz and return -EOPNOTSUPP when the table is absent. This aligns set_rxfh with the device capabilities and prevents incorrect behavior.
| Vendor | Product | Versions |
|---|---|---|
Linux | Linux | affected 962f3fee83a4ef9010ae84dc43ae7aecb572e2a9 - < 8288136f508e78eb3563e7073975999cf225a2f9affected 962f3fee83a4ef9010ae84dc43ae7aecb572e2a9 - < 82c9039c8ebb715753a40434df714f865a3aec9caffected 962f3fee83a4ef9010ae84dc43ae7aecb572e2a9 - < 4cd55c609e85ae2313248ef1a33619a3eef44a16affected 962f3fee83a4ef9010ae84dc43ae7aecb572e2a9 - < 11dd9a9ef4dc4507a15a69b8511a0013c6c28fa3affected 962f3fee83a4ef9010ae84dc43ae7aecb572e2a9 - < d23564955811da493f34412d7de60fa268c8cb50 |
Linux | Linux | affected 4.11unaffected 0 - < 4.11unaffected 6.1.162 - <= 6.1.*unaffected 6.6.122 - <= 6.6.*unaffected 6.12.67 - <= 6.12.*+2 more versions |
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now