CVE-2026-23245
Published: Mar 18, 2026
Modified: May 11, 2026
CVSS v3.1
7.8
Description
In the Linux kernel, the following vulnerability has been resolved: net/sched: act_gate: snapshot parameters with RCU on replace The gate action can be replaced while the hrtimer callback or dump path is walking the schedule list. Convert the parameters to an RCU-protected snapshot and swap updates under tcf_lock, freeing the previous snapshot via call_rcu(). When REPLACE omits the entry list, preserve the existing schedule so the effective state is unchanged.
| Vendor | Product | Versions |
|---|---|---|
Linux | Linux | affected a51c328df3106663879645680609eb49b3ff6444 - < fc98fd8d214693be91253d9a88cdf8e5e143d124affected a51c328df3106663879645680609eb49b3ff6444 - < 8b1251bbf0f10ac745ed74bad4d3b433caa1eeaeaffected a51c328df3106663879645680609eb49b3ff6444 - < dfc314d7c767e350f78a46a8f8b134f80e8ad432affected a51c328df3106663879645680609eb49b3ff6444 - < 035d0d09d5ab3ed3e93d18cde2b562a6719eea23affected a51c328df3106663879645680609eb49b3ff6444 - < 04d75529dc0f9be78786162ebab7424af4644df2+2 more versions |
Linux | Linux | affected 5.8unaffected 0 - < 5.8unaffected 5.10.253 - <= 5.10.*unaffected 6.1.167 - <= 6.1.*unaffected 6.6.130 - <= 6.6.*+4 more versions |
CVSS v3.1 Details
CVSS v3.1 Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now