CVE-2026-23274
Published: Mar 20, 2026
Modified: May 11, 2026
CVSS v3.1
7.8
Description
In the Linux kernel, the following vulnerability has been resolved: netfilter: xt_IDLETIMER: reject rev0 reuse of ALARM timer labels IDLETIMER revision 0 rules reuse existing timers by label and always call mod_timer() on timer->timer. If the label was created first by revision 1 with XT_IDLETIMER_ALARM, the object uses alarm timer semantics and timer->timer is never initialized. Reusing that object from revision 0 causes mod_timer() on an uninitialized timer_list, triggering debugobjects warnings and possible panic when panic_on_warn=1. Fix this by rejecting revision 0 rule insertion when an existing timer with the same label is of ALARM type.
| Vendor | Product | Versions |
|---|---|---|
Linux | Linux | affected 68983a354a655c35d3fb204489d383a2a051fda7 - < 32e937dc6e97f5ed3cdfe3fc0b2b19a05e23fa44affected 68983a354a655c35d3fb204489d383a2a051fda7 - < 144f88054ba0180467356f40895bd660b5dceeecaffected 68983a354a655c35d3fb204489d383a2a051fda7 - < 28c7cfaf0c0ab17cbd7754092116fd1af45271f9affected 68983a354a655c35d3fb204489d383a2a051fda7 - < 54080355999381fed4a26129579a5765bab87491affected 68983a354a655c35d3fb204489d383a2a051fda7 - < 5e7ece24c5cb75a60402aad4d803c7898ea40aa9+3 more versions |
Linux | Linux | affected 5.7unaffected 0 - < 5.7unaffected 5.10.253 - <= 5.10.*unaffected 5.15.203 - <= 5.15.*unaffected 6.1.167 - <= 6.1.*+5 more versions |
CVSS v3.1 Details
CVSS v3.1 Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now