High severity 7.8 · NVD Advisory · Published Apr 3, 2026 · Updated Apr 27, 2026
CVE-2026-23437
Description
In the Linux kernel, the following vulnerability has been resolved:
net: shaper: protect late read accesses to the hierarchy
We look up a netdev during prep of Netlink ops (pre- callbacks) and take a ref to it. Then later in the body of the callback we take its lock or RCU which are the actual protections.
This is not proper; a conversion from a ref to a locked netdev must include a liveness check (a check if the netdev hasn't been unregistered already). Fix the read cases (those under RCU). Writes need a separate change to protect from creating the hierarchy after flush has already run.
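The pattern the description calls for, as an added userspace C model (not the kernel patch and not code from this advisory): a reference pins the object's memory, but the read path must still check liveness once it holds the real protection. All names (`struct dev`, `dev_get`, `dev_unregister`, `read_nodes`) are hypothetical, and the lock or RCU section is represented by a comment only.

```c
/* Userspace model, constructed for illustration; no name here is a kernel symbol. */
#include <errno.h>
#include <stdbool.h>
#include <stdlib.h>
struct hierarchy { int nodes; };
struct dev {
    int refcnt;             /* pins the struct's memory, nothing more */
    bool registered;        /* liveness, cleared by unregister */
    struct hierarchy *hier; /* torn down by the flush at unregister */
};
static struct dev *dev_create(int nodes)
{
    struct dev *d = calloc(1, sizeof(*d));
    if (!d || !(d->hier = malloc(sizeof(*d->hier)))) { free(d); return NULL; }
    d->hier->nodes = nodes;
    d->refcnt = 1;          /* reference held by the registration itself */
    d->registered = true;
    return d;
}
/* "pre" step: the lookup only takes a reference. */
static struct dev *dev_get(struct dev *d) { d->refcnt++; return d; }
static void dev_put(struct dev *d) { if (--d->refcnt == 0) { free(d->hier); free(d); } }

/* Unregister flushes the hierarchy; outstanding references keep *d allocated. */
static void dev_unregister(struct dev *d)
{
    d->registered = false;
    free(d->hier);
    d->hier = NULL;
}

/* Callback body: the lock or read-side section would be held across this function. */
static int read_nodes(struct dev *d, int *out)
{
    if (!d->registered) return -ENODEV; /* liveness check; a ref does not imply it */
    *out = d->hier->nodes;
    return 0;
}

int main(void)
{
    struct dev *d = dev_create(3);
    int n = 0, rc;
    if (!d) return 1;
    dev_get(d);                 /* pre step pins the device */
    dev_unregister(d);          /* device goes away before the callback body runs */
    rc = read_nodes(d, &n);     /* pinned, but no longer live */
    dev_put(d); dev_put(d);     /* drop the pre-step and registration references */
    return rc == -ENODEV ? 0 : 1;
}
```

Without the `registered` test, `read_nodes` in this model would dereference a hierarchy that the flush has already torn down, even though the reference is still valid.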
Affected products
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* range: >=6.13.1,<6.18.20
- cpe:2.3:o:linux:linux_kernel:6.13:-:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:7.0:rc1:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:7.0:rc2:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:7.0:rc3:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:7.0:rc4:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:7.0:rc5:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:7.0:rc6:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:7.0:rc7:*:*:*:*:*:*
- (no CPE)
- osv-coords (8 versions):
  - pkg:rpm/suse/kernel-livepatch-SLE16_Update_10&distro=SUSE%20Linux%20Enterprise%20Server%2016.0
  - pkg:rpm/suse/kernel-livepatch-SLE16_Update_10&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20applications%2016.0
  - pkg:rpm/suse/kernel-livepatch-SLE16_Update_11&distro=SUSE%20Linux%20Enterprise%20Server%2016.0
  - pkg:rpm/suse/kernel-livepatch-SLE16_Update_11&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20applications%2016.0
  - pkg:rpm/suse/kernel-livepatch-SLE16_Update_8&distro=SUSE%20Linux%20Enterprise%20Server%2016.0
  - pkg:rpm/suse/kernel-livepatch-SLE16_Update_8&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20applications%2016.0
  - pkg:rpm/suse/kernel-livepatch-SLE16_Update_9&distro=SUSE%20Linux%20Enterprise%20Server%2016.0
  - pkg:rpm/suse/kernel-livepatch-SLE16_Update_9&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20applications%2016.0
- (no CPE) range: < 2-160000.1.1
- (no CPE) range: < 2-160000.1.1
- (no CPE) range: < 2-160000.1.1
- (no CPE) range: < 2-160000.1.1
- (no CPE) range: < 3-160000.1.1
- (no CPE) range: < 3-160000.1.1
- (no CPE) range: < 2-160000.1.1
- (no CPE) range: < 2-160000.1.1