In the Linux kernel, the following vulnerability has been resolved:
net: cpsw_new: Execute ndo_set_rx_mode callback in a work queue
Commit 1767bb2d47b7 ("ipv6: mcast: Don't hold RTNL for
IPV6_ADD_MEMBERSHIP and MCAST_JOIN_GROUP.") removed the RTNL lock for
IPV6_ADD_MEMBERSHIP and MCAST_JOIN_GROUP operations. However, this
change triggered the following call trace on my BeagleBone Black board:
WARNING: net/8021q/vlan_core.c:236 at vlan_for_each+0x120/0x124, CPU#0: rpcbind/496
RTNL: assertion failed at net/8021q/vlan_core.c (236)
Modules linked in:
CPU: 0 UID: 997 PID: 496 Comm: rpcbind Not tainted 6.19.0-rc6-next-20260122-yocto-standard+ #8 PREEMPT
Hardware name: Generic AM33XX (Flattened Device Tree)
Call trace:
unwind_backtrace from show_stack+0x28/0x2c
show_stack from dump_stack_lvl+0x30/0x38
dump_stack_lvl from __warn+0xb8/0x11c
__warn from warn_slowpath_fmt+0x130/0x194
warn_slowpath_fmt from vlan_for_each+0x120/0x124
vlan_for_each from cpsw_add_mc_addr+0x54/0xd8
cpsw_add_mc_addr from __hw_addr_ref_sync_dev+0xc4/0xec
__hw_addr_ref_sync_dev from __dev_mc_add+0x78/0x88
__dev_mc_add from igmp6_group_added+0x84/0xec
igmp6_group_added from __ipv6_dev_mc_inc+0x1fc/0x2f0
__ipv6_dev_mc_inc from __ipv6_sock_mc_join+0x124/0x1b4
__ipv6_sock_mc_join from do_ipv6_setsockopt+0x84c/0x1168
do_ipv6_setsockopt from ipv6_setsockopt+0x88/0xc8
ipv6_setsockopt from do_sock_setsockopt+0xe8/0x19c
do_sock_setsockopt from __sys_setsockopt+0x84/0xac
__sys_setsockopt from ret_fast_syscall+0x0/0x5
This trace occurs because vlan_for_each() is called within
cpsw_ndo_set_rx_mode(), which expects the RTNL lock to be held.
Since modifying vlan_for_each() to operate without the RTNL lock is not
straightforward, and because ndo_set_rx_mode() is invoked both with and
without the RTNL lock across different code paths, simply adding
rtnl_lock() in cpsw_ndo_set_rx_mode() is not a viable solution.
To resolve this issue, we opt to execute the actual processing within
a work queue, following the approach used by the icssg-prueth driver.
References
Configurations
Configuration 1 (hide)
|
History
19 Mar 2026, 16:34
| Type | Values Removed | Values Added |
|---|---|---|
| CWE | NVD-CWE-noinfo | |
| CPE | cpe:2.3:o:linux:linux_kernel:6.19:rc1:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:6.19:rc8:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:6.19:rc3:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:6.19:rc4:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:6.19:rc2:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:6.19:rc6:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:6.19:rc5:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:6.19:rc7:*:*:*:*:*:* |
|
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : 5.5 |
| References | () https://git.kernel.org/stable/c/c0b5dc73a38f954e780f93a549b8fe225235c07a - Patch | |
| References | () https://git.kernel.org/stable/c/d5b3a669866977dc87fd56fcf00a70df1536d258 - Patch | |
| First Time |
Linux
Linux linux Kernel |
18 Feb 2026, 17:52
| Type | Values Removed | Values Added |
|---|---|---|
| Summary |
|
14 Feb 2026, 17:15
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2026-02-14 17:15
Updated : 2026-03-19 16:34
NVD link : CVE-2026-23203
Mitre link : CVE-2026-23203
CVE.ORG link : CVE-2026-23203
JSON object : View
Products Affected
linux
- linux_kernel
CWE