CVE-2026-23284

In the Linux kernel, the following vulnerability has been resolved: net: ethernet: mtk_eth_soc: Reset prog ptr to old_prog in case of error in mtk_xdp_setup() Reset eBPF program pointer to old_prog and do not decrease its ref-count if mtk_open routine in mtk_xdp_setup() fails.

CVSS v3 5.5 MEDIUM

5.5^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://git.kernel.org/stable/c/0abc73c8a40fd64ac1739c90bb4f42c418d27a5e	Patch
https://git.kernel.org/stable/c/29629dd7d37349e9fb605375a75de44ac8926ea9	Patch
https://git.kernel.org/stable/c/6f95b59520278a72df9905db791b7ea31375fbc1	Patch
https://git.kernel.org/stable/c/8c2d76a9658a4dbfcf02f2693a97e2d5ff42197a	Patch
https://git.kernel.org/stable/c/b73dfe1ea7be7a072482434643b517d7726f4c8d	Patch
https://git.kernel.org/stable/c/ff14cd44c85c20ad69479db73698185de291550c	Patch

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel:7.0:rc1::::::
	cpe:2.3:o:linux:linux_kernel:7.0:rc2::::::

History

22 May 2026, 00:16

Type	Values Removed	Values Added
CPE		cpe:2.3:o:linux:linux_kernel:::::::: cpe:2.3:o:linux:linux_kernel:7.0:rc1:::::: cpe:2.3:o:linux:linux_kernel:7.0:rc2::::::
First Time		Linux linux Kernel Linux
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 5.5
CWE		NVD-CWE-noinfo
References	~~() https://git.kernel.org/stable/c/0abc73c8a40fd64ac1739c90bb4f42c418d27a5e -~~	() https://git.kernel.org/stable/c/0abc73c8a40fd64ac1739c90bb4f42c418d27a5e - Patch
References	~~() https://git.kernel.org/stable/c/29629dd7d37349e9fb605375a75de44ac8926ea9 -~~	() https://git.kernel.org/stable/c/29629dd7d37349e9fb605375a75de44ac8926ea9 - Patch
References	~~() https://git.kernel.org/stable/c/6f95b59520278a72df9905db791b7ea31375fbc1 -~~	() https://git.kernel.org/stable/c/6f95b59520278a72df9905db791b7ea31375fbc1 - Patch
References	~~() https://git.kernel.org/stable/c/8c2d76a9658a4dbfcf02f2693a97e2d5ff42197a -~~	() https://git.kernel.org/stable/c/8c2d76a9658a4dbfcf02f2693a97e2d5ff42197a - Patch
References	~~() https://git.kernel.org/stable/c/b73dfe1ea7be7a072482434643b517d7726f4c8d -~~	() https://git.kernel.org/stable/c/b73dfe1ea7be7a072482434643b517d7726f4c8d - Patch
References	~~() https://git.kernel.org/stable/c/ff14cd44c85c20ad69479db73698185de291550c -~~	() https://git.kernel.org/stable/c/ff14cd44c85c20ad69479db73698185de291550c - Patch
Summary		(es) En el kernel de Linux, la siguiente vulnerabilidad ha sido resuelta: net: ethernet: mtk_eth_soc: Restablecer puntero de programa a old_prog en caso de error en mtk_xdp_setup() Restablecer puntero de programa eBPF a old_prog y no disminuir su contador de referencias si la rutina mtk_open en mtk_xdp_setup() falla.

25 Mar 2026, 11:16

Type	Values Removed	Values Added
New CVE

Information

Published : 2026-03-25 11:16

Updated : 2026-05-22 00:16

NVD link : CVE-2026-23284

Mitre link : CVE-2026-23284

CVE.ORG link : CVE-2026-23284

JSON object : View

Products Affected

linux

linux_kernel

CWE

NVD-CWE-noinfo

5.5 /10