{ "document": { "category": "csaf_base", "csaf_version": "2.0", "distribution": { "tlp": { "label": "WHITE" } }, "lang": "en", "notes": [ { "category": "legal_disclaimer", "text": "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this portal to enhance access to its information and vulnerabilities. The use of this information is subject to the following terms and conditions:\n\nThe vulnerabilities disclosed in this portal are gathered by NCSC-NL from a variety of open sources, which the user can retrieve from other platforms. NCSC-NL makes every reasonable effort to ensure that the content of this portal is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or real-time keeping up-to-date. NCSC-NL does not control nor guarantee the accuracy, relevance, timeliness or completeness of information obtained from these external sources. The vulnerabilities disclosed in this portal are intended solely for the convenience of professional parties to take appropriate measures to manage the risks posed to the cybersecurity. No rights can be derived from the information provided therein.\n\nNCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of the vulnerabilities disclosed in this portal. This includes damage resulting from the inaccuracy of incompleteness of the information contained in it.\nThe information on this page is subject to Dutch law. All disputes related to or arising from the use of this portal regarding the disclosure of vulnerabilities will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings." } ], "publisher": { "category": "coordinator", "contact_details": "cert@ncsc.nl", "name": "National Cyber Security Centre", "namespace": "https://www.ncsc.nl/" }, "title": "CVE-2026-23273", "tracking": { "current_release_date": "2026-04-02T16:11:14.299307Z", "generator": { "date": "2026-02-17T15:00:00Z", "engine": { "name": "V.E.L.M.A", "version": "1.7" } }, "id": "CVE-2026-23273", "initial_release_date": "2026-03-20T18:27:53.567015Z", "revision_history": [ { "date": "2026-03-20T18:27:53.567015Z", "number": "1", "summary": "CVE created.| Source created.| CVE status created. (valid)| Description created for source.| Products created (8).| Products connected (10).| References created (8)." }, { "date": "2026-03-20T18:28:12.218546Z", "number": "2", "summary": "NCSC Score created." }, { "date": "2026-03-20T18:28:44.180125Z", "number": "3", "summary": "Source created.| CVE status created. (valid)| Description created for source.| References created (8)." }, { "date": "2026-03-20T18:32:34.007733Z", "number": "4", "summary": "Source connected.| CVE status created. (valid)| Products connected (1).| References created (11)." }, { "date": "2026-03-20T18:32:36.348354Z", "number": "5", "summary": "NCSC Score updated." }, { "date": "2026-03-20T18:44:38.439375Z", "number": "6", "summary": "Source created.| CVE status created. (valid)| Products connected (2)." }, { "date": "2026-03-20T18:44:44.343943Z", "number": "7", "summary": "NCSC Score updated." }, { "date": "2026-03-20T22:18:36.320980Z", "number": "8", "summary": "Source connected.| CVE status created. (valid)| EPSS created." }, { "date": "2026-03-20T22:18:42.939262Z", "number": "9", "summary": "NCSC Score updated." }, { "date": "2026-03-21T00:28:02.254801Z", "number": "10", "summary": "Source created.| CVE status created. (valid)| Description created for source.| CVSS created.| Products connected (13).| Product Identifiers created (5).| Product Remediations created (13).| References created (3).| CWES updated (1).| Vendor_assessment created." }, { "date": "2026-03-21T00:28:07.069598Z", "number": "11", "summary": "NCSC Score updated." }, { "date": "2026-03-21T06:43:48.497807Z", "number": "12", "summary": "Description created for source." }, { "date": "2026-04-02T09:56:46.427174Z", "number": "13", "summary": "Products connected (1).| References created (1)." }, { "date": "2026-04-02T09:56:50.455867Z", "number": "14", "summary": "NCSC Score updated." }, { "date": "2026-04-02T15:26:22.835541Z", "number": "15", "summary": "CVSS created." }, { "date": "2026-04-02T15:26:26.362543Z", "number": "16", "summary": "NCSC Score updated." }, { "date": "2026-04-02T15:40:22.049086Z", "number": "17", "summary": "CVSS created." }, { "date": "2026-04-02T15:40:30.012978Z", "number": "18", "summary": "NCSC Score updated." } ], "status": "interim", "version": "18" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_version_range", "name": "vers:unknown/unknown", "product": { "name": "vers:unknown/unknown", "product_id": "CSAFPID-1330296", "product_identification_helper": { "cpe": "cpe:/o:amazon:linux_2:-" } } } ], "category": "product_name", "name": "Amazon Linux 2" } ], "category": "vendor", "name": "Amazon" }, { "branches": [ { "branches": [ { "category": "product_version_range", "name": "vers:git/11ba9f0dc865136174cb98834280fb21bbc950c7|<19c7d8ac51988d053709c1e85bd8482076af845d", "product": { "name": "vers:git/11ba9f0dc865136174cb98834280fb21bbc950c7|<19c7d8ac51988d053709c1e85bd8482076af845d", "product_id": "CSAFPID-5874556" } }, { "category": "product_version_range", "name": "vers:git/5dae6b36a7cb7a4fcf4121b95e9ca7f96f816c8a|<3d94323c80d7fc4da5f10f9bb06a45d39d5d3cc4", "product": { "name": "vers:git/5dae6b36a7cb7a4fcf4121b95e9ca7f96f816c8a|<3d94323c80d7fc4da5f10f9bb06a45d39d5d3cc4", "product_id": "CSAFPID-5874554" } }, { "category": "product_version_range", "name": "vers:git/986967a162142710076782d5b93daab93a892980|\ndump_stack_lvl (lib/dump_stack.c:123)\nprint_report (mm/kasan/report.c:379 mm/kasan/report.c:482)\n? macvlan_forward_source (drivers/net/macvlan.c:408 drivers/net/macvlan.c:444)\nkasan_report (mm/kasan/report.c:597)\n? macvlan_forward_source (drivers/net/macvlan.c:408 drivers/net/macvlan.c:444)\nmacvlan_forward_source (drivers/net/macvlan.c:408 drivers/net/macvlan.c:444)\n? tasklet_init (kernel/softirq.c:983)\nmacvlan_handle_frame (drivers/net/macvlan.c:501)\n\nAllocated by task 169:\nkasan_save_stack (mm/kasan/common.c:58)\nkasan_save_track (./arch/x86/include/asm/current.h:25\nmm/kasan/common.c:70 mm/kasan/common.c:79)\n__kasan_kmalloc (mm/kasan/common.c:419)\n__kvmalloc_node_noprof (./include/linux/kasan.h:263 mm/slub.c:5657\nmm/slub.c:7140)\nalloc_netdev_mqs (net/core/dev.c:12012)\nrtnl_create_link (net/core/rtnetlink.c:3648)\nrtnl_newlink (net/core/rtnetlink.c:3830 net/core/rtnetlink.c:3957\nnet/core/rtnetlink.c:4072)\nrtnetlink_rcv_msg (net/core/rtnetlink.c:6958)\nnetlink_rcv_skb (net/netlink/af_netlink.c:2550)\nnetlink_unicast (net/netlink/af_netlink.c:1319 net/netlink/af_netlink.c:1344)\nnetlink_sendmsg (net/netlink/af_netlink.c:1894)\n__sys_sendto (net/socket.c:727 net/socket.c:742 net/socket.c:2206)\n__x64_sys_sendto (net/socket.c:2209)\ndo_syscall_64 (arch/x86/entry/syscall_64.c:63 arch/x86/entry/syscall_64.c:94)\nentry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:131)\n\nFreed by task 169:\nkasan_save_stack (mm/kasan/common.c:58)\nkasan_save_track (./arch/x86/include/asm/current.h:25\nmm/kasan/common.c:70 mm/kasan/common.c:79)\nkasan_save_free_info (mm/kasan/generic.c:587)\n__kasan_slab_free (mm/kasan/common.c:287)\nkfree (mm/slub.c:6674 mm/slub.c:6882)\nrtnl_newlink (net/core/rtnetlink.c:3845 net/core/rtnetlink.c:3957\nnet/core/rtnetlink.c:4072)\nrtnetlink_rcv_msg (net/core/rtnetlink.c:6958)\nnetlink_rcv_skb (net/netlink/af_netlink.c:2550)\nnetlink_unicast (net/netlink/af_netlink.c:1319 net/netlink/af_netlink.c:1344)\nnetlink_sendmsg (net/netlink/af_netlink.c:1894)\n__sys_sendto (net/socket.c:727 net/socket.c:742 net/socket.c:2206)\n__x64_sys_sendto (net/socket.c:2209)\ndo_syscall_64 (arch/x86/entry/syscall_64.c:63 arch/x86/entry/syscall_64.c:94)\nentry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:131)", "title": "cveprojectv5 - https://raw.githubusercontent.com/CVEProject/cvelistV5/main/cves/2026/23xxx/CVE-2026-23273.json" }, { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmacvlan: observe an RCU grace period in macvlan_common_newlink() error path\n\nvalis reported that a race condition still happens after my prior patch.\n\nmacvlan_common_newlink() might have made @dev visible before\ndetecting an error, and its caller will directly call free_netdev(dev).\n\nWe must respect an RCU period, either in macvlan or the core networking\nstack.\n\nAfter adding a temporary mdelay(1000) in macvlan_forward_source_one()\nto open the race window, valis repro was:\n\nip link add p1 type veth peer p2\nip link set address 00:00:00:00:00:20 dev p1\nip link set up dev p1\nip link set up dev p2\nip link add mv0 link p2 type macvlan mode source\n\n(ip link add invalid% link p2 type macvlan mode source macaddr add\n00:00:00:00:00:20 &) ; sleep 0.5 ; ping -c1 -I p1 1.2.3.4\nPING 1.2.3.4 (1.2.3.4): 56 data bytes\nRTNETLINK answers: Invalid argument\n\nBUG: KASAN: slab-use-after-free in macvlan_forward_source\n(drivers/net/macvlan.c:408 drivers/net/macvlan.c:444)\nRead of size 8 at addr ffff888016bb89c0 by task e/175\n\nCPU: 1 UID: 1000 PID: 175 Comm: e Not tainted 6.19.0-rc8+ #33 NONE\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.14.0-2 04/01/2014\nCall Trace:\n\ndump_stack_lvl (lib/dump_stack.c:123)\nprint_report (mm/kasan/report.c:379 mm/kasan/report.c:482)\n? macvlan_forward_source (drivers/net/macvlan.c:408 drivers/net/macvlan.c:444)\nkasan_report (mm/kasan/report.c:597)\n? macvlan_forward_source (drivers/net/macvlan.c:408 drivers/net/macvlan.c:444)\nmacvlan_forward_source (drivers/net/macvlan.c:408 drivers/net/macvlan.c:444)\n? tasklet_init (kernel/softirq.c:983)\nmacvlan_handle_frame (drivers/net/macvlan.c:501)\n\nAllocated by task 169:\nkasan_save_stack (mm/kasan/common.c:58)\nkasan_save_track (./arch/x86/include/asm/current.h:25\nmm/kasan/common.c:70 mm/kasan/common.c:79)\n__kasan_kmalloc (mm/kasan/common.c:419)\n__kvmalloc_node_noprof (./include/linux/kasan.h:263 mm/slub.c:5657\nmm/slub.c:7140)\nalloc_netdev_mqs (net/core/dev.c:12012)\nrtnl_create_link (net/core/rtnetlink.c:3648)\nrtnl_newlink (net/core/rtnetlink.c:3830 net/core/rtnetlink.c:3957\nnet/core/rtnetlink.c:4072)\nrtnetlink_rcv_msg (net/core/rtnetlink.c:6958)\nnetlink_rcv_skb (net/netlink/af_netlink.c:2550)\nnetlink_unicast (net/netlink/af_netlink.c:1319 net/netlink/af_netlink.c:1344)\nnetlink_sendmsg (net/netlink/af_netlink.c:1894)\n__sys_sendto (net/socket.c:727 net/socket.c:742 net/socket.c:2206)\n__x64_sys_sendto (net/socket.c:2209)\ndo_syscall_64 (arch/x86/entry/syscall_64.c:63 arch/x86/entry/syscall_64.c:94)\nentry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:131)\n\nFreed by task 169:\nkasan_save_stack (mm/kasan/common.c:58)\nkasan_save_track (./arch/x86/include/asm/current.h:25\nmm/kasan/common.c:70 mm/kasan/common.c:79)\nkasan_save_free_info (mm/kasan/generic.c:587)\n__kasan_slab_free (mm/kasan/common.c:287)\nkfree (mm/slub.c:6674 mm/slub.c:6882)\nrtnl_newlink (net/core/rtnetlink.c:3845 net/core/rtnetlink.c:3957\nnet/core/rtnetlink.c:4072)\nrtnetlink_rcv_msg (net/core/rtnetlink.c:6958)\nnetlink_rcv_skb (net/netlink/af_netlink.c:2550)\nnetlink_unicast (net/netlink/af_netlink.c:1319 net/netlink/af_netlink.c:1344)\nnetlink_sendmsg (net/netlink/af_netlink.c:1894)\n__sys_sendto (net/socket.c:727 net/socket.c:742 net/socket.c:2206)\n__x64_sys_sendto (net/socket.c:2209)\ndo_syscall_64 (arch/x86/entry/syscall_64.c:63 arch/x86/entry/syscall_64.c:94)\nentry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:131)", "title": "nvd - https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2026-23273" }, { "category": "description", "text": "A flaw was found in the Linux kernel's macvlan module. A race condition can occur during the creation of a macvlan interface, where the device might be made visible before an error is detected. This can lead to a use-after-free vulnerability, allowing a local attacker to cause a system crash (Denial of Service) or potentially execute arbitrary code.\nThis vulnerability affects systems using macvlan network interfaces in source mode. The race occurs when creating a macvlan device with an invalid name while traffic is flowing through the parent interface. The device becomes visible to RCU readers before error detection, and subsequent cleanup frees the device without waiting for an RCU grace period, leading to UAF in macvlan_forward_source().", "title": "redhat - https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23273.json" }, { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved: macvlan: observe an RCU grace period in macvlan_common_newlink() error path valis reported that a race condition still happens after my prior patch. macvlan_common_newlink() might have made @dev visible before detecting an error, and its caller will directly call free_netdev(dev). We must respect an RCU period, either in macvlan or the core networking stack. After adding a temporary mdelay(1000) in macvlan_forward_source_one() to open the race window, valis repro was: ip link add p1 type veth peer p2 ip link set address 00:00:00:00:00:20 dev p1 ip link set up dev p1 ip link set up dev p2 ip link add mv0 link p2 type macvlan mode source (ip link add invalid% link p2 type macvlan mode source macaddr add 00:00:00:00:00:20 &) ; sleep 0.5 ; ping -c1 -I p1 1.2.3.4 PING 1.2.3.4 (1.2.3.4): 56 data bytes RTNETLINK answers: Invalid argument BUG: KASAN: slab-use-after-free in macvlan_forward_source (drivers/net/macvlan.c:408 drivers/net/macvlan.c:444) Read of size 8 at addr ffff888016bb89c0 by task e/175 CPU: 1 UID: 1000 PID: 175 Comm: e Not tainted 6.19.0-rc8+ #33 NONE Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.14.0-2 04/01/2014 Call Trace: dump_stack_lvl (lib/dump_stack.c:123) print_report (mm/kasan/report.c:379 mm/kasan/report.c:482) ? macvlan_forward_source (drivers/net/macvlan.c:408 drivers/net/macvlan.c:444) kasan_report (mm/kasan/report.c:597) ? macvlan_forward_source (drivers/net/macvlan.c:408 drivers/net/macvlan.c:444) macvlan_forward_source (drivers/net/macvlan.c:408 drivers/net/macvlan.c:444) ? tasklet_init (kernel/softirq.c:983) macvlan_handle_frame (drivers/net/macvlan.c:501) Allocated by task 169: kasan_save_stack (mm/kasan/common.c:58) kasan_save_track (./arch/x86/include/asm/current.h:25 mm/kasan/common.c:70 mm/kasan/common.c:79) __kasan_kmalloc (mm/kasan/common.c:419) __kvmalloc_node_noprof (./include/linux/kasan.h:263 mm/slub.c:5657 mm/slub.c:7140) alloc_netdev_mqs (net/core/dev.c:12012) rtnl_create_link (net/core/rtnetlink.c:3648) rtnl_newlink (net/core/rtnetlink.c:3830 net/core/rtnetlink.c:3957 net/core/rtnetlink.c:4072) rtnetlink_rcv_msg (net/core/rtnetlink.c:6958) netlink_rcv_skb (net/netlink/af_netlink.c:2550) netlink_unicast (net/netlink/af_netlink.c:1319 net/netlink/af_netlink.c:1344) netlink_sendmsg (net/netlink/af_netlink.c:1894) __sys_sendto (net/socket.c:727 net/socket.c:742 net/socket.c:2206) __x64_sys_sendto (net/socket.c:2209) do_syscall_64 (arch/x86/entry/syscall_64.c:63 arch/x86/entry/syscall_64.c:94) entry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:131) Freed by task 169: kasan_save_stack (mm/kasan/common.c:58) kasan_save_track (./arch/x86/include/asm/current.h:25 mm/kasan/common.c:70 mm/kasan/common.c:79) kasan_save_free_info (mm/kasan/generic.c:587) __kasan_slab_free (mm/kasan/common.c:287) kfree (mm/slub.c:6674 mm/slub.c:6882) rtnl_newlink (net/core/rtnetlink.c:3845 net/core/rtnetlink.c:3957 net/core/rtnetlink.c:4072) rtnetlink_rcv_msg (net/core/rtnetlink.c:6958) netlink_rcv_skb (net/netlink/af_netlink.c:2550) netlink_unicast (net/netlink/af_netlink.c:1319 net/netlink/af_netlink.c:1344) netlink_sendmsg (net/netlink/af_netlink.c:1894) __sys_sendto (net/socket.c:727 net/socket.c:742 net/socket.c:2206) __x64_sys_sendto (net/socket.c:2209) do_syscall_64 (arch/x86/entry/syscall_64.c:63 arch/x86/entry/syscall_64.c:94) entry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:131)", "title": "debian - https://security-tracker.debian.org/tracker/CVE-2026-23273" }, { "category": "other", "text": "0.00024", "title": "EPSS" }, { "category": "other", "text": "3.8", "title": "NCSC Score" }, { "category": "other", "text": "Is related to an uncommon cwe id", "title": "NCSC Score top increasing factors" }, { "category": "other", "text": "The value of the most recent EPSS score, Is related to a product by vendor Linux, Is related to a product by vendor Debian", "title": "NCSC Score top decreasing factors" }, { "category": "details", "text": "Severity: 2\n", "title": "Vendor assessment" } ], "product_status": { "known_affected": [ "CSAFPID-5669166", "CSAFPID-5874553", "CSAFPID-5874554", "CSAFPID-5874555", "CSAFPID-5874556", "CSAFPID-5874557", "CSAFPID-5874558", "CSAFPID-5874559", "CSAFPID-5874560", "CSAFPID-1330297", "CSAFPID-2036021", "CSAFPID-2036024", "CSAFPID-1439321", "CSAFPID-1453376", "CSAFPID-1330296" ], "known_not_affected": [ "CSAFPID-5669083", "CSAFPID-5669167", "CSAFPID-5758089", "CSAFPID-5758090", "CSAFPID-5758110", "CSAFPID-5758111", "CSAFPID-5758112", "CSAFPID-5831012", "CSAFPID-5831013", "CSAFPID-1439315", "CSAFPID-1439317", "CSAFPID-1439319", "CSAFPID-1453377", "CSAFPID-1453378", "CSAFPID-1453379", "CSAFPID-1453380", "CSAFPID-1453381", "CSAFPID-1453382", "CSAFPID-2858634", "CSAFPID-2858635" ] }, "references": [ { "category": "external", "summary": "Source - cveprojectv5", "url": "https://raw.githubusercontent.com/CVEProject/cvelistV5/main/cves/2026/23xxx/CVE-2026-23273.json" }, { "category": "external", "summary": "Source - nvd", "url": "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2026-23273" }, { "category": "external", "summary": "Source - certbundde", "url": "https://wid.cert-bund.de/.well-known/csaf/white/2026/wid-sec-w-2026-0809.json" }, { "category": "external", "summary": "Source - debian", "url": "https://security-tracker.debian.org/tracker/CVE-2026-23273" }, { "category": "external", "summary": "Source - first", "url": "https://api.first.org/data/v1/epss?limit=10000&offset=0" }, { "category": "external", "summary": "Source - redhat", "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23273.json" }, { "category": "external", "summary": "Reference - cveprojectv5; nvd", "url": "https://git.kernel.org/stable/c/91e4ff8d966978901630fc29582c1a76d3c6e46c" }, { "category": "external", "summary": "Reference - cveprojectv5; nvd", "url": "https://git.kernel.org/stable/c/3d94323c80d7fc4da5f10f9bb06a45d39d5d3cc4" }, { "category": "external", "summary": "Reference - cveprojectv5; nvd", "url": "https://git.kernel.org/stable/c/721eb342d9ba19bad5c4815ea3921465158b7362" }, { "category": "external", "summary": "Reference - cveprojectv5; nvd", "url": "https://git.kernel.org/stable/c/19c7d8ac51988d053709c1e85bd8482076af845d" }, { "category": "external", "summary": "Reference - cveprojectv5; nvd", "url": "https://git.kernel.org/stable/c/a1f686d273d129b45712d95f4095843b864466bd" }, { "category": "external", "summary": "Reference - cveprojectv5; nvd", "url": "https://git.kernel.org/stable/c/d34f7a8aa9a25b7e64e0e46e444697c0f702374d" }, { "category": "external", "summary": "Reference - cveprojectv5; nvd", "url": "https://git.kernel.org/stable/c/1e58ae87ad1e6e24368dea9aec9048c758cd0e2b" }, { "category": "external", "summary": "Reference - cveprojectv5; nvd", "url": "https://git.kernel.org/stable/c/e3f000f0dee1bfab52e2e61ca6a3835d9e187e35" }, { "category": "external", "summary": "Reference - certbundde", "url": "https://wid.cert-bund.de/.well-known/csaf/white/2026/wid-sec-w-2026-0809.json" }, { "category": "external", "summary": "Reference - certbundde", "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0809" }, { "category": "external", "summary": "Reference - certbundde", "url": "https://lore.kernel.org/linux-cve-announce/" }, { "category": "external", "summary": "Reference - certbundde", "url": "https://lore.kernel.org/linux-cve-announce/2026032031-CVE-2026-23271-657a@gregkh/" }, { "category": "external", "summary": "Reference - certbundde", "url": "https://lore.kernel.org/linux-cve-announce/2026032034-CVE-2026-23272-8ad1@gregkh/" }, { "category": "external", "summary": "Reference - certbundde", "url": "https://lore.kernel.org/linux-cve-announce/2026032034-CVE-2026-23273-3669@gregkh/" }, { "category": "external", "summary": "Reference - certbundde", "url": "https://lore.kernel.org/linux-cve-announce/2026032034-CVE-2026-23274-ba1d@gregkh/" }, { "category": "external", "summary": "Reference - certbundde", "url": "https://lore.kernel.org/linux-cve-announce/2026032035-CVE-2026-23275-33fe@gregkh/" }, { "category": "external", "summary": "Reference - certbundde", "url": "https://lore.kernel.org/linux-cve-announce/2026032035-CVE-2026-23276-7fd3@gregkh/" }, { "category": "external", "summary": "Reference - certbundde", "url": "https://lore.kernel.org/linux-cve-announce/2026032036-CVE-2026-23277-e478@gregkh/" }, { "category": "external", "summary": "Reference - certbundde", "url": "https://lore.kernel.org/linux-cve-announce/2026032036-CVE-2026-23278-4dcc@gregkh/" }, { "category": "external", "summary": "Reference - redhat", "url": "https://www.cve.org/CVERecord?id=CVE-2026-23273" }, { "category": "external", "summary": "Reference - redhat", "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-23273" }, { "category": "external", "summary": "Reference - redhat", "url": "https://lore.kernel.org/linux-cve-announce/2026032034-CVE-2026-23273-3669@gregkh/T" }, { "category": "external", "summary": "Reference - certbundde", "url": "https://alas.aws.amazon.com/AL2/ALAS2KERNEL-5.10-2026-115.html" } ], "remediations": [ { "category": "mitigation", "details": "To mitigate this issue, prevent the macvlan module from being loaded. See https://access.redhat.com/solutions/41278 for instructions.", "product_ids": [ "CSAFPID-1439315", "CSAFPID-1439317", "CSAFPID-1439319", "CSAFPID-1439321", "CSAFPID-1453376", "CSAFPID-1453377", "CSAFPID-1453378", "CSAFPID-1453379", "CSAFPID-1453380", "CSAFPID-1453381", "CSAFPID-1453382", "CSAFPID-2858634", "CSAFPID-2858635" ] } ], "scores": [ { "cvss_v3": { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "baseScore": 7.8, "baseSeverity": "HIGH" }, "products": [ "CSAFPID-1330296", "CSAFPID-1330297", "CSAFPID-1439321", "CSAFPID-1453376", "CSAFPID-2036021", "CSAFPID-2036024", "CSAFPID-5669166", "CSAFPID-5874553", "CSAFPID-5874554", "CSAFPID-5874555", "CSAFPID-5874556", "CSAFPID-5874557", "CSAFPID-5874558", "CSAFPID-5874559", "CSAFPID-5874560" ] } ], "title": "CVE-2026-23273" } ] }