VYPR
High severity7.8NVD Advisory· Published Mar 18, 2026· Updated May 21, 2026

CVE-2026-23245

CVE-2026-23245

Description

In the Linux kernel, the following vulnerability has been resolved:

net/sched: act_gate: snapshot parameters with RCU on replace

The gate action can be replaced while the hrtimer callback or dump path is walking the schedule list.

Convert the parameters to an RCU-protected snapshot and swap updates under tcf_lock, freeing the previous snapshot via call_rcu(). When REPLACE omits the entry list, preserve the existing schedule so the effective state is unchanged.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

6
  • Linux/Kernel5 versions
    cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*+ 4 more
    • cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*range: >=5.8.1,<5.10.253
    • cpe:2.3:o:linux:linux_kernel:5.8:-:*:*:*:*:*:*
    • cpe:2.3:o:linux:linux_kernel:7.0:rc1:*:*:*:*:*:*
    • cpe:2.3:o:linux:linux_kernel:7.0:rc2:*:*:*:*:*:*
    • (no CPE)
  • osv-coords
    Range: >= 5.8.0, < 6.1.167

Patches

Vulnerability mechanics

References

7

News mentions

0

No linked articles in our index yet.