{
    "document": {
        "category": "csaf_base",
        "csaf_version": "2.0",
        "distribution": {
            "tlp": {
                "label": "WHITE"
            }
        },
        "lang": "en",
        "notes": [
            {
                "category": "legal_disclaimer",
                "text": "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this portal to enhance access to its information and vulnerabilities. The use of this information is subject to the following terms and conditions:\n\nThe vulnerabilities disclosed in this portal are gathered by NCSC-NL from a variety of open sources, which the user can retrieve from other platforms. NCSC-NL makes every reasonable effort to ensure that the content of this portal is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or real-time keeping up-to-date. NCSC-NL does not control nor guarantee the accuracy, relevance, timeliness or completeness of information obtained from these external sources. The vulnerabilities disclosed in this portal are intended solely for the convenience of professional parties to take appropriate measures to manage the risks posed to the cybersecurity. No rights can be derived from the information provided therein.\n\nNCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of the vulnerabilities disclosed in this portal. This includes damage resulting from the inaccuracy of incompleteness of the information contained in it.\nThe information on this page is subject to Dutch law. All disputes related to or arising from the use of this portal regarding the disclosure of vulnerabilities will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings."
            }
        ],
        "publisher": {
            "category": "coordinator",
            "contact_details": "cert@ncsc.nl",
            "name": "National Cyber Security Centre",
            "namespace": "https://www.ncsc.nl/"
        },
        "title": "CVE-2026-23340",
        "tracking": {
            "current_release_date": "2026-04-02T15:48:51.669838Z",
            "generator": {
                "date": "2026-02-17T15:00:00Z",
                "engine": {
                    "name": "V.E.L.M.A",
                    "version": "1.7"
                }
            },
            "id": "CVE-2026-23340",
            "initial_release_date": "2026-03-25T10:42:37.339193Z",
            "revision_history": [
                {
                    "date": "2026-03-25T10:42:37.339193Z",
                    "number": "1",
                    "summary": "CVE created.| Source created.| CVE status created. (valid)| Description created for source.| Products created (6).| Products connected (8).| References created (6)."
                },
                {
                    "date": "2026-03-25T10:42:40.155436Z",
                    "number": "2",
                    "summary": "NCSC Score created."
                },
                {
                    "date": "2026-03-25T11:31:17.685798Z",
                    "number": "3",
                    "summary": "Source created.| CVE status created. (valid)| Description created for source.| References created (6)."
                },
                {
                    "date": "2026-03-25T13:13:56.037738Z",
                    "number": "4",
                    "summary": "Source connected.| CVE status created. (valid)| Products connected (1).| References created (120)."
                },
                {
                    "date": "2026-03-25T13:13:59.501376Z",
                    "number": "5",
                    "summary": "NCSC Score updated."
                },
                {
                    "date": "2026-03-25T18:44:27.290743Z",
                    "number": "6",
                    "summary": "Source created.| CVE status created. (valid)| Products connected (2)."
                },
                {
                    "date": "2026-03-25T18:44:29.505778Z",
                    "number": "7",
                    "summary": "NCSC Score updated."
                },
                {
                    "date": "2026-03-26T00:28:38.547976Z",
                    "number": "8",
                    "summary": "Source created.| CVE status created. (valid)| Description created for source.| CVSS created.| Products connected (13).| Product Identifiers created (5).| References created (3).| CWES updated (1).| Vendor_assessment created."
                },
                {
                    "date": "2026-03-26T00:28:47.262248Z",
                    "number": "9",
                    "summary": "NCSC Score updated."
                },
                {
                    "date": "2026-03-26T01:10:56.285577Z",
                    "number": "10",
                    "summary": "Source connected.| CVE status created. (valid)| EPSS created."
                },
                {
                    "date": "2026-03-26T01:10:58.724303Z",
                    "number": "11",
                    "summary": "NCSC Score updated."
                },
                {
                    "date": "2026-03-26T06:45:07.070917Z",
                    "number": "12",
                    "summary": "Description created for source."
                },
                {
                    "date": "2026-03-26T12:20:11.598943Z",
                    "number": "13",
                    "summary": "Source connected.| CVE status created. (valid)| Description created for source.| CVSS created.| Products connected (1)."
                },
                {
                    "date": "2026-03-28T12:19:52.134597Z",
                    "number": "14",
                    "summary": "Product Remediations created (1)."
                },
                {
                    "date": "2026-03-28T12:19:54.856156Z",
                    "number": "15",
                    "summary": "NCSC Score updated."
                },
                {
                    "date": "2026-04-02T15:26:51.973112Z",
                    "number": "16",
                    "summary": "CVSS created."
                },
                {
                    "date": "2026-04-02T15:26:53.838053Z",
                    "number": "17",
                    "summary": "NCSC Score updated."
                },
                {
                    "date": "2026-04-02T15:40:34.300890Z",
                    "number": "18",
                    "summary": "CVSS created."
                },
                {
                    "date": "2026-04-02T15:40:43.841623Z",
                    "number": "19",
                    "summary": "NCSC Score updated."
                }
            ],
            "status": "interim",
            "version": "19"
        }
    },
    "product_tree": {
        "branches": [
            {
                "branches": [
                    {
                        "branches": [
                            {
                                "category": "product_version_range",
                                "name": "vers:git/6b3ba9146fe64b9bebb6346c9dcfe3b4851de2d7|<5bc4e69306ed7ae02232eb4c0b23ed621a26d504",
                                "product": {
                                    "name": "vers:git/6b3ba9146fe64b9bebb6346c9dcfe3b4851de2d7|<5bc4e69306ed7ae02232eb4c0b23ed621a26d504",
                                    "product_id": "CSAFPID-5905196"
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:git/6b3ba9146fe64b9bebb6346c9dcfe3b4851de2d7|<7594467c49bfc2f4644dee0415ac2290db11fa0d",
                                "product": {
                                    "name": "vers:git/6b3ba9146fe64b9bebb6346c9dcfe3b4851de2d7|<7594467c49bfc2f4644dee0415ac2290db11fa0d",
                                    "product_id": "CSAFPID-5905194"
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:git/6b3ba9146fe64b9bebb6346c9dcfe3b4851de2d7|<7f083faf59d14c04e01ec05a7507f036c965acf8",
                                "product": {
                                    "name": "vers:git/6b3ba9146fe64b9bebb6346c9dcfe3b4851de2d7|<7f083faf59d14c04e01ec05a7507f036c965acf8",
                                    "product_id": "CSAFPID-5905199"
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:git/6b3ba9146fe64b9bebb6346c9dcfe3b4851de2d7|<8314944cc3bdeaa5a73e6f8a8cf0d94822e625cb",
                                "product": {
                                    "name": "vers:git/6b3ba9146fe64b9bebb6346c9dcfe3b4851de2d7|<8314944cc3bdeaa5a73e6f8a8cf0d94822e625cb",
                                    "product_id": "CSAFPID-5905197"
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:git/6b3ba9146fe64b9bebb6346c9dcfe3b4851de2d7|<c69df4e0524f8de8e176ba389acd83e85f5f49d0",
                                "product": {
                                    "name": "vers:git/6b3ba9146fe64b9bebb6346c9dcfe3b4851de2d7|<c69df4e0524f8de8e176ba389acd83e85f5f49d0",
                                    "product_id": "CSAFPID-5905198"
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:git/6b3ba9146fe64b9bebb6346c9dcfe3b4851de2d7|<dbd58b0730aa06ab6ad26079cf9a5b6b58e7e750",
                                "product": {
                                    "name": "vers:git/6b3ba9146fe64b9bebb6346c9dcfe3b4851de2d7|<dbd58b0730aa06ab6ad26079cf9a5b6b58e7e750",
                                    "product_id": "CSAFPID-5905195"
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:semver/6.1.167|<=6.1.*",
                                "product": {
                                    "name": "vers:semver/6.1.167|<=6.1.*",
                                    "product_id": "CSAFPID-5904654"
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:semver/6.12.77|<=6.12.*",
                                "product": {
                                    "name": "vers:semver/6.12.77|<=6.12.*",
                                    "product_id": "CSAFPID-5815258"
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:semver/6.18.17|<=6.18.*",
                                "product": {
                                    "name": "vers:semver/6.18.17|<=6.18.*",
                                    "product_id": "CSAFPID-5843428"
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:semver/6.19.7|<=6.19.*",
                                "product": {
                                    "name": "vers:semver/6.19.7|<=6.19.*",
                                    "product_id": "CSAFPID-5843429"
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:semver/6.6.130|<=6.6.*",
                                "product": {
                                    "name": "vers:semver/6.6.130|<=6.6.*",
                                    "product_id": "CSAFPID-5904647"
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:semver/<4.16",
                                "product": {
                                    "name": "vers:semver/<4.16",
                                    "product_id": "CSAFPID-1289576"
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/4.16",
                                "product": {
                                    "name": "vers:unknown/4.16",
                                    "product_id": "CSAFPID-1289575"
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/7.0-rc3|<=*",
                                "product": {
                                    "name": "vers:unknown/7.0-rc3|<=*",
                                    "product_id": "CSAFPID-5843434"
                                }
                            }
                        ],
                        "category": "product_name",
                        "name": "Linux"
                    }
                ],
                "category": "vendor",
                "name": "Linux"
            },
            {
                "branches": [
                    {
                        "branches": [
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/unknown",
                                "product": {
                                    "name": "vers:unknown/unknown",
                                    "product_id": "CSAFPID-1330297",
                                    "product_identification_helper": {
                                        "cpe": "cpe:/o:linux:linux_kernel:-"
                                    }
                                }
                            }
                        ],
                        "category": "product_name",
                        "name": "Open Source Linux Kernel"
                    }
                ],
                "category": "vendor",
                "name": "Open Source"
            },
            {
                "branches": [
                    {
                        "branches": [
                            {
                                "category": "product_version_range",
                                "name": "vers:rpm/10",
                                "product": {
                                    "name": "vers:rpm/10",
                                    "product_id": "CSAFPID-2858634",
                                    "product_identification_helper": {
                                        "cpe": "cpe:/o:redhat:enterprise_linux:10"
                                    }
                                }
                            }
                        ],
                        "category": "product_name",
                        "name": "Red Hat Enterprise Linux 10"
                    },
                    {
                        "branches": [
                            {
                                "category": "product_version_range",
                                "name": "vers:rpm/6",
                                "product": {
                                    "name": "vers:rpm/6",
                                    "product_id": "CSAFPID-1439321",
                                    "product_identification_helper": {
                                        "cpe": "cpe:/o:redhat:enterprise_linux:6"
                                    }
                                }
                            }
                        ],
                        "category": "product_name",
                        "name": "Red Hat Enterprise Linux 6"
                    },
                    {
                        "branches": [
                            {
                                "category": "product_version_range",
                                "name": "vers:rpm/7",
                                "product": {
                                    "name": "vers:rpm/7",
                                    "product_id": "CSAFPID-1439315",
                                    "product_identification_helper": {
                                        "cpe": "cpe:/o:redhat:enterprise_linux:7"
                                    }
                                }
                            }
                        ],
                        "category": "product_name",
                        "name": "Red Hat Enterprise Linux 7"
                    },
                    {
                        "branches": [
                            {
                                "category": "product_version_range",
                                "name": "vers:rpm/8",
                                "product": {
                                    "name": "vers:rpm/8",
                                    "product_id": "CSAFPID-1439317",
                                    "product_identification_helper": {
                                        "cpe": "cpe:/o:redhat:enterprise_linux:8"
                                    }
                                }
                            }
                        ],
                        "category": "product_name",
                        "name": "Red Hat Enterprise Linux 8"
                    },
                    {
                        "branches": [
                            {
                                "category": "product_version_range",
                                "name": "vers:rpm/9",
                                "product": {
                                    "name": "vers:rpm/9",
                                    "product_id": "CSAFPID-1439319",
                                    "product_identification_helper": {
                                        "cpe": "cpe:/a:redhat:enterprise_linux:9"
                                    }
                                }
                            }
                        ],
                        "category": "product_name",
                        "name": "Red Hat Enterprise Linux 9"
                    },
                    {
                        "branches": [
                            {
                                "branches": [
                                    {
                                        "category": "product_version_range",
                                        "name": "vers:rpm/unknown",
                                        "product": {
                                            "name": "vers:rpm/unknown",
                                            "product_id": "CSAFPID-2858635"
                                        }
                                    }
                                ],
                                "category": "product_name",
                                "name": "kernel"
                            }
                        ],
                        "category": "product_family",
                        "name": "Red Hat Enterprise Linux 10"
                    },
                    {
                        "branches": [
                            {
                                "branches": [
                                    {
                                        "category": "product_version_range",
                                        "name": "vers:rpm/unknown",
                                        "product": {
                                            "name": "vers:rpm/unknown",
                                            "product_id": "CSAFPID-1453376"
                                        }
                                    }
                                ],
                                "category": "product_name",
                                "name": "kernel"
                            }
                        ],
                        "category": "product_family",
                        "name": "Red Hat Enterprise Linux 6"
                    },
                    {
                        "branches": [
                            {
                                "branches": [
                                    {
                                        "category": "product_version_range",
                                        "name": "vers:rpm/unknown",
                                        "product": {
                                            "name": "vers:rpm/unknown",
                                            "product_id": "CSAFPID-1453377"
                                        }
                                    }
                                ],
                                "category": "product_name",
                                "name": "kernel"
                            },
                            {
                                "branches": [
                                    {
                                        "category": "product_version_range",
                                        "name": "vers:rpm/unknown",
                                        "product": {
                                            "name": "vers:rpm/unknown",
                                            "product_id": "CSAFPID-1453378"
                                        }
                                    }
                                ],
                                "category": "product_name",
                                "name": "kernel-rt"
                            }
                        ],
                        "category": "product_family",
                        "name": "Red Hat Enterprise Linux 7"
                    },
                    {
                        "branches": [
                            {
                                "branches": [
                                    {
                                        "category": "product_version_range",
                                        "name": "vers:rpm/unknown",
                                        "product": {
                                            "name": "vers:rpm/unknown",
                                            "product_id": "CSAFPID-1453379"
                                        }
                                    }
                                ],
                                "category": "product_name",
                                "name": "kernel"
                            },
                            {
                                "branches": [
                                    {
                                        "category": "product_version_range",
                                        "name": "vers:rpm/unknown",
                                        "product": {
                                            "name": "vers:rpm/unknown",
                                            "product_id": "CSAFPID-1453380"
                                        }
                                    }
                                ],
                                "category": "product_name",
                                "name": "kernel-rt"
                            }
                        ],
                        "category": "product_family",
                        "name": "Red Hat Enterprise Linux 8"
                    },
                    {
                        "branches": [
                            {
                                "branches": [
                                    {
                                        "category": "product_version_range",
                                        "name": "vers:rpm/unknown",
                                        "product": {
                                            "name": "vers:rpm/unknown",
                                            "product_id": "CSAFPID-1453381"
                                        }
                                    }
                                ],
                                "category": "product_name",
                                "name": "kernel"
                            },
                            {
                                "branches": [
                                    {
                                        "category": "product_version_range",
                                        "name": "vers:rpm/unknown",
                                        "product": {
                                            "name": "vers:rpm/unknown",
                                            "product_id": "CSAFPID-1453382"
                                        }
                                    }
                                ],
                                "category": "product_name",
                                "name": "kernel-rt"
                            }
                        ],
                        "category": "product_family",
                        "name": "Red Hat Enterprise Linux 9"
                    }
                ],
                "category": "vendor",
                "name": "Red Hat"
            },
            {
                "branches": [
                    {
                        "branches": [
                            {
                                "branches": [
                                    {
                                        "category": "product_version_range",
                                        "name": "vers:microsoft/*",
                                        "product": {
                                            "name": "vers:microsoft/*",
                                            "product_id": "CSAFPID-5761981",
                                            "product_identification_helper": {
                                                "cpe": "cpe:2.3:a:microsoft:azl3_kernel_6.6.126.1-1:*:*:*:*:*:*:*:*"
                                            }
                                        }
                                    }
                                ],
                                "category": "product_name",
                                "name": "azl3 kernel 6.6.126.1-1 on Azure Linux 3.0"
                            }
                        ],
                        "category": "product_family",
                        "name": "Open Source Software"
                    }
                ],
                "category": "vendor",
                "name": "Microsoft"
            },
            {
                "branches": [
                    {
                        "branches": [
                            {
                                "branches": [
                                    {
                                        "category": "product_version_range",
                                        "name": "vers:deb/unknown",
                                        "product": {
                                            "name": "vers:deb/unknown",
                                            "product_id": "CSAFPID-2036024"
                                        }
                                    }
                                ],
                                "category": "product_name",
                                "name": "linux"
                            }
                        ],
                        "category": "product_family",
                        "name": "bookworm"
                    },
                    {
                        "branches": [
                            {
                                "branches": [
                                    {
                                        "category": "product_version_range",
                                        "name": "vers:deb/unknown",
                                        "product": {
                                            "name": "vers:deb/unknown",
                                            "product_id": "CSAFPID-2036021"
                                        }
                                    }
                                ],
                                "category": "product_name",
                                "name": "linux"
                            }
                        ],
                        "category": "product_family",
                        "name": "bullseye"
                    }
                ],
                "category": "vendor",
                "name": "Debian"
            }
        ]
    },
    "vulnerabilities": [
        {
            "cve": "CVE-2026-23340",
            "cwe": {
                "id": "CWE-364",
                "name": "Signal Handler Race Condition"
            },
            "notes": [
                {
                    "category": "description",
                    "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: sched: avoid qdisc_reset_all_tx_gt() vs dequeue race for lockless qdiscs\n\nWhen shrinking the number of real tx queues,\nnetif_set_real_num_tx_queues() calls qdisc_reset_all_tx_gt() to flush\nqdiscs for queues which will no longer be used.\n\nqdisc_reset_all_tx_gt() currently serializes qdisc_reset() with\nqdisc_lock(). However, for lockless qdiscs, the dequeue path is\nserialized by qdisc_run_begin/end() using qdisc->seqlock instead, so\nqdisc_reset() can run concurrently with __qdisc_run() and free skbs\nwhile they are still being dequeued, leading to UAF.\n\nThis can easily be reproduced on e.g. virtio-net by imposing heavy\ntraffic while frequently changing the number of queue pairs:\n\n  iperf3 -ub0 -c $peer -t 0 &\n  while :; do\n    ethtool -L eth0 combined 1\n    ethtool -L eth0 combined 2\n  done\n\nWith KASAN enabled, this leads to reports like:\n\n  BUG: KASAN: slab-use-after-free in __qdisc_run+0x133f/0x1760\n  ...\n  Call Trace:\n   <TASK>\n   ...\n   __qdisc_run+0x133f/0x1760\n   __dev_queue_xmit+0x248f/0x3550\n   ip_finish_output2+0xa42/0x2110\n   ip_output+0x1a7/0x410\n   ip_send_skb+0x2e6/0x480\n   udp_send_skb+0xb0a/0x1590\n   udp_sendmsg+0x13c9/0x1fc0\n   ...\n   </TASK>\n\n  Allocated by task 1270 on cpu 5 at 44.558414s:\n   ...\n   alloc_skb_with_frags+0x84/0x7c0\n   sock_alloc_send_pskb+0x69a/0x830\n   __ip_append_data+0x1b86/0x48c0\n   ip_make_skb+0x1e8/0x2b0\n   udp_sendmsg+0x13a6/0x1fc0\n   ...\n\n  Freed by task 1306 on cpu 3 at 44.558445s:\n   ...\n   kmem_cache_free+0x117/0x5e0\n   pfifo_fast_reset+0x14d/0x580\n   qdisc_reset+0x9e/0x5f0\n   netif_set_real_num_tx_queues+0x303/0x840\n   virtnet_set_channels+0x1bf/0x260 [virtio_net]\n   ethnl_set_channels+0x684/0xae0\n   ethnl_default_set_doit+0x31a/0x890\n   ...\n\nSerialize qdisc_reset_all_tx_gt() against the lockless dequeue path by\ntaking qdisc->seqlock for TCQ_F_NOLOCK qdiscs, matching the\nserialization model already used by dev_reset_queue().\n\nAdditionally clear QDISC_STATE_NON_EMPTY after reset so the qdisc state\nreflects an empty queue, avoiding needless re-scheduling.",
                    "title": "cveprojectv5 - https://raw.githubusercontent.com/CVEProject/cvelistV5/main/cves/2026/23xxx/CVE-2026-23340.json"
                },
                {
                    "category": "description",
                    "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: sched: avoid qdisc_reset_all_tx_gt() vs dequeue race for lockless qdiscs\n\nWhen shrinking the number of real tx queues,\nnetif_set_real_num_tx_queues() calls qdisc_reset_all_tx_gt() to flush\nqdiscs for queues which will no longer be used.\n\nqdisc_reset_all_tx_gt() currently serializes qdisc_reset() with\nqdisc_lock(). However, for lockless qdiscs, the dequeue path is\nserialized by qdisc_run_begin/end() using qdisc->seqlock instead, so\nqdisc_reset() can run concurrently with __qdisc_run() and free skbs\nwhile they are still being dequeued, leading to UAF.\n\nThis can easily be reproduced on e.g. virtio-net by imposing heavy\ntraffic while frequently changing the number of queue pairs:\n\n  iperf3 -ub0 -c $peer -t 0 &\n  while :; do\n    ethtool -L eth0 combined 1\n    ethtool -L eth0 combined 2\n  done\n\nWith KASAN enabled, this leads to reports like:\n\n  BUG: KASAN: slab-use-after-free in __qdisc_run+0x133f/0x1760\n  ...\n  Call Trace:\n   <TASK>\n   ...\n   __qdisc_run+0x133f/0x1760\n   __dev_queue_xmit+0x248f/0x3550\n   ip_finish_output2+0xa42/0x2110\n   ip_output+0x1a7/0x410\n   ip_send_skb+0x2e6/0x480\n   udp_send_skb+0xb0a/0x1590\n   udp_sendmsg+0x13c9/0x1fc0\n   ...\n   </TASK>\n\n  Allocated by task 1270 on cpu 5 at 44.558414s:\n   ...\n   alloc_skb_with_frags+0x84/0x7c0\n   sock_alloc_send_pskb+0x69a/0x830\n   __ip_append_data+0x1b86/0x48c0\n   ip_make_skb+0x1e8/0x2b0\n   udp_sendmsg+0x13a6/0x1fc0\n   ...\n\n  Freed by task 1306 on cpu 3 at 44.558445s:\n   ...\n   kmem_cache_free+0x117/0x5e0\n   pfifo_fast_reset+0x14d/0x580\n   qdisc_reset+0x9e/0x5f0\n   netif_set_real_num_tx_queues+0x303/0x840\n   virtnet_set_channels+0x1bf/0x260 [virtio_net]\n   ethnl_set_channels+0x684/0xae0\n   ethnl_default_set_doit+0x31a/0x890\n   ...\n\nSerialize qdisc_reset_all_tx_gt() against the lockless dequeue path by\ntaking qdisc->seqlock for TCQ_F_NOLOCK qdiscs, matching the\nserialization model already used by dev_reset_queue().\n\nAdditionally clear QDISC_STATE_NON_EMPTY after reset so the qdisc state\nreflects an empty queue, avoiding needless re-scheduling.",
                    "title": "nvd - https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2026-23340"
                },
                {
                    "category": "description",
                    "text": "A flaw was found in the Linux kernel. A race condition exists in the network queue management (qdisc) component when the number of transmit queues is dynamically reduced while network traffic is active. This can lead to a Use-After-Free (UAF) vulnerability, where memory is prematurely freed while still being accessed. A local attacker could exploit this to cause a denial of service.\nThis flaw affects systems where network queue counts are dynamically changed (e.g., via ethtool -L) while traffic is flowing. The race between qdisc_reset_all_tx_gt() and __qdisc_run() for lockless qdiscs causes SKBs to be freed while being dequeued. Easily reproducible on virtio-net with concurrent queue resizing and traffic.",
                    "title": "redhat - https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23340.json"
                },
                {
                    "category": "description",
                    "text": "In the Linux kernel, the following vulnerability has been resolved:  net: sched: avoid qdisc_reset_all_tx_gt() vs dequeue race for lockless qdiscs  When shrinking the number of real tx queues, netif_set_real_num_tx_queues() calls qdisc_reset_all_tx_gt() to flush qdiscs for queues which will no longer be used.  qdisc_reset_all_tx_gt() currently serializes qdisc_reset() with qdisc_lock(). However, for lockless qdiscs, the dequeue path is serialized by qdisc_run_begin/end() using qdisc->seqlock instead, so qdisc_reset() can run concurrently with __qdisc_run() and free skbs while they are still being dequeued, leading to UAF.  This can easily be reproduced on e.g. virtio-net by imposing heavy traffic while frequently changing the number of queue pairs:    iperf3 -ub0 -c $peer -t 0 &   while :; do     ethtool -L eth0 combined 1     ethtool -L eth0 combined 2   done  With KASAN enabled, this leads to reports like:    BUG: KASAN: slab-use-after-free in __qdisc_run+0x133f/0x1760   ...   Call Trace:    <TASK>    ...    __qdisc_run+0x133f/0x1760    __dev_queue_xmit+0x248f/0x3550    ip_finish_output2+0xa42/0x2110    ip_output+0x1a7/0x410    ip_send_skb+0x2e6/0x480    udp_send_skb+0xb0a/0x1590    udp_sendmsg+0x13c9/0x1fc0    ...    </TASK>    Allocated by task 1270 on cpu 5 at 44.558414s:    ...    alloc_skb_with_frags+0x84/0x7c0    sock_alloc_send_pskb+0x69a/0x830    __ip_append_data+0x1b86/0x48c0    ip_make_skb+0x1e8/0x2b0    udp_sendmsg+0x13a6/0x1fc0    ...    Freed by task 1306 on cpu 3 at 44.558445s:    ...    kmem_cache_free+0x117/0x5e0    pfifo_fast_reset+0x14d/0x580    qdisc_reset+0x9e/0x5f0    netif_set_real_num_tx_queues+0x303/0x840    virtnet_set_channels+0x1bf/0x260 [virtio_net]    ethnl_set_channels+0x684/0xae0    ethnl_default_set_doit+0x31a/0x890    ...  Serialize qdisc_reset_all_tx_gt() against the lockless dequeue path by taking qdisc->seqlock for TCQ_F_NOLOCK qdiscs, matching the serialization model already used by dev_reset_queue().  Additionally clear QDISC_STATE_NON_EMPTY after reset so the qdisc state reflects an empty queue, avoiding needless re-scheduling.",
                    "title": "debian - https://security-tracker.debian.org/tracker/CVE-2026-23340"
                },
                {
                    "category": "description",
                    "text": "net: sched: avoid qdisc\\_reset\\_all\\_tx\\_gt() vs dequeue race for lockless qdiscs",
                    "title": "microsoft - https://api.msrc.microsoft.com/cvrf/v3.0/cvrf/2026-Mar"
                },
                {
                    "category": "other",
                    "text": "0.00024",
                    "title": "EPSS"
                },
                {
                    "category": "other",
                    "text": "4.2",
                    "title": "NCSC Score"
                },
                {
                    "category": "other",
                    "text": "VENDOR FIX as product remediation category, Is related to an uncommon cwe id",
                    "title": "NCSC Score top increasing factors"
                },
                {
                    "category": "other",
                    "text": "The value of the most recent EPSS score, Is related to a product by vendor Linux, Is related to a product by vendor Open Source, Is related to a product by vendor Debian",
                    "title": "NCSC Score top decreasing factors"
                },
                {
                    "category": "details",
                    "text": "Severity: 2\n",
                    "title": "Vendor assessment"
                }
            ],
            "product_status": {
                "known_affected": [
                    "CSAFPID-1289575",
                    "CSAFPID-5905194",
                    "CSAFPID-5905195",
                    "CSAFPID-5905196",
                    "CSAFPID-5905197",
                    "CSAFPID-5905198",
                    "CSAFPID-5905199",
                    "CSAFPID-1330297",
                    "CSAFPID-2036021",
                    "CSAFPID-2036024",
                    "CSAFPID-1439317",
                    "CSAFPID-1439319",
                    "CSAFPID-1439321",
                    "CSAFPID-1453376",
                    "CSAFPID-1453379",
                    "CSAFPID-1453380",
                    "CSAFPID-1453381",
                    "CSAFPID-1453382",
                    "CSAFPID-2858634",
                    "CSAFPID-2858635",
                    "CSAFPID-5761981"
                ],
                "known_not_affected": [
                    "CSAFPID-1289576",
                    "CSAFPID-5815258",
                    "CSAFPID-5843428",
                    "CSAFPID-5843429",
                    "CSAFPID-5843434",
                    "CSAFPID-5904647",
                    "CSAFPID-5904654",
                    "CSAFPID-1439315",
                    "CSAFPID-1453377",
                    "CSAFPID-1453378"
                ]
            },
            "references": [
                {
                    "category": "external",
                    "summary": "Source - cveprojectv5",
                    "url": "https://raw.githubusercontent.com/CVEProject/cvelistV5/main/cves/2026/23xxx/CVE-2026-23340.json"
                },
                {
                    "category": "external",
                    "summary": "Source - nvd",
                    "url": "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2026-23340"
                },
                {
                    "category": "external",
                    "summary": "Source - certbundde",
                    "url": "https://wid.cert-bund.de/.well-known/csaf/white/2026/wid-sec-w-2026-0861.json"
                },
                {
                    "category": "external",
                    "summary": "Source - debian",
                    "url": "https://security-tracker.debian.org/tracker/CVE-2026-23340"
                },
                {
                    "category": "external",
                    "summary": "Source - redhat",
                    "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23340.json"
                },
                {
                    "category": "external",
                    "summary": "Source - first",
                    "url": "https://api.first.org/data/v1/epss?limit=10000&offset=0"
                },
                {
                    "category": "external",
                    "summary": "Source - microsoft",
                    "url": "https://api.msrc.microsoft.com/cvrf/v3.0/cvrf/2026-Mar"
                },
                {
                    "category": "external",
                    "summary": "Reference - cveprojectv5; nvd",
                    "url": "https://git.kernel.org/stable/c/7594467c49bfc2f4644dee0415ac2290db11fa0d"
                },
                {
                    "category": "external",
                    "summary": "Reference - cveprojectv5; nvd",
                    "url": "https://git.kernel.org/stable/c/dbd58b0730aa06ab6ad26079cf9a5b6b58e7e750"
                },
                {
                    "category": "external",
                    "summary": "Reference - cveprojectv5; nvd",
                    "url": "https://git.kernel.org/stable/c/5bc4e69306ed7ae02232eb4c0b23ed621a26d504"
                },
                {
                    "category": "external",
                    "summary": "Reference - cveprojectv5; nvd",
                    "url": "https://git.kernel.org/stable/c/8314944cc3bdeaa5a73e6f8a8cf0d94822e625cb"
                },
                {
                    "category": "external",
                    "summary": "Reference - cveprojectv5; nvd",
                    "url": "https://git.kernel.org/stable/c/c69df4e0524f8de8e176ba389acd83e85f5f49d0"
                },
                {
                    "category": "external",
                    "summary": "Reference - cveprojectv5; nvd",
                    "url": "https://git.kernel.org/stable/c/7f083faf59d14c04e01ec05a7507f036c965acf8"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://wid.cert-bund.de/.well-known/csaf/white/2026/wid-sec-w-2026-0861.json"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0861"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032522-CVE-2026-23279-cf34@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032523-CVE-2026-23280-cd9e@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032523-CVE-2026-23281-2e62@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032523-CVE-2026-23282-bad0@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032523-CVE-2026-23283-3d92@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032523-CVE-2026-23284-ca53@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032524-CVE-2026-23285-ad41@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032524-CVE-2026-23286-8a7e@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032524-CVE-2026-23287-93b2@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032524-CVE-2026-23288-1d11@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032524-CVE-2026-23289-aa54@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032525-CVE-2026-23290-af97@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032525-CVE-2026-23291-eae3@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032525-CVE-2026-23292-67e8@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032525-CVE-2026-23293-b422@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032525-CVE-2026-23294-1682@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032526-CVE-2026-23295-59d2@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032526-CVE-2026-23296-eb4a@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032526-CVE-2026-23297-bcad@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032526-CVE-2026-23298-fad9@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032526-CVE-2026-23299-6471@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032526-CVE-2026-23300-9bc4@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032527-CVE-2026-23301-09e7@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032527-CVE-2026-23302-e03d@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032527-CVE-2026-23303-8e38@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032527-CVE-2026-23304-485b@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032527-CVE-2026-23305-5fa4@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032528-CVE-2026-23306-8854@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032528-CVE-2026-23307-60f2@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032528-CVE-2026-23308-1e72@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032528-CVE-2026-23309-4243@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032528-CVE-2026-23310-9b67@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032529-CVE-2026-23311-8c0b@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032529-CVE-2026-23312-2b11@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032529-CVE-2026-23313-925e@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032529-CVE-2026-23314-166c@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032529-CVE-2026-23315-9ac1@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032530-CVE-2026-23316-2ce3@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032530-CVE-2026-23317-0e9e@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032530-CVE-2026-23318-bef0@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032530-CVE-2026-23319-1e3d@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032530-CVE-2026-23320-0ae7@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032530-CVE-2026-23321-6059@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032531-CVE-2026-23322-9fd3@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032531-CVE-2026-23323-53db@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032531-CVE-2026-23324-bc9e@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032531-CVE-2026-23325-4e3b@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032531-CVE-2026-23326-ffc6@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032532-CVE-2026-23327-c497@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032532-CVE-2026-23328-9600@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032532-CVE-2026-23329-c743@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032532-CVE-2026-23330-00fd@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032532-CVE-2026-23331-735b@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032533-CVE-2026-23332-50e0@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032533-CVE-2026-23333-417f@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032533-CVE-2026-23334-1b12@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032533-CVE-2026-23335-602d@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032533-CVE-2026-23336-d365@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032534-CVE-2026-23337-5018@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032534-CVE-2026-23338-67c7@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032534-CVE-2026-23339-263f@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032534-CVE-2026-23340-1aa9@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032534-CVE-2026-23341-3f7b@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032535-CVE-2026-23342-8456@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032535-CVE-2026-23343-dc2b@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032535-CVE-2026-23344-0279@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032535-CVE-2026-23345-c154@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032535-CVE-2026-23346-faed@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032536-CVE-2026-23347-fa08@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032536-CVE-2026-23348-e792@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032536-CVE-2026-23349-aa6a@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032536-CVE-2026-23350-f4be@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032536-CVE-2026-23351-637f@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032537-CVE-2026-23352-18f2@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032537-CVE-2026-23353-d0c3@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032537-CVE-2026-23354-d9b2@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032537-CVE-2026-23355-86df@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032537-CVE-2026-23356-0014@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032538-CVE-2026-23357-605e@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032538-CVE-2026-23358-1042@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032538-CVE-2026-23359-35fd@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032538-CVE-2026-23360-c464@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032539-CVE-2026-23361-bd5c@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032539-CVE-2026-23362-40bd@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032539-CVE-2026-23363-3e24@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032539-CVE-2026-23364-4267@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032539-CVE-2026-23365-76d3@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032540-CVE-2026-23366-a7c4@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032540-CVE-2026-23367-6e44@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032540-CVE-2026-23368-c240@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032540-CVE-2026-23369-b6c6@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032540-CVE-2026-23370-02d2@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032541-CVE-2026-23371-1b32@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032541-CVE-2026-23372-7bc9@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032541-CVE-2026-23373-0203@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032541-CVE-2026-23374-9345@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032541-CVE-2026-23375-91b1@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032542-CVE-2026-23376-114a@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032542-CVE-2026-23377-cb04@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032542-CVE-2026-23378-f329@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032542-CVE-2026-23379-3b2d@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032542-CVE-2026-23380-9e3c@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032543-CVE-2026-23381-378d@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032543-CVE-2026-23382-26fe@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032543-CVE-2026-23383-f205@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032543-CVE-2026-23384-489a@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032543-CVE-2026-23385-3414@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032544-CVE-2026-23386-acc4@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032544-CVE-2026-23387-4399@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032544-CVE-2026-23388-9e71@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032544-CVE-2026-23389-2056@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032537-CVE-2026-23390-7146@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032548-CVE-2026-23391-bb43@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032548-CVE-2026-23392-fd9d@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032548-CVE-2026-23393-c395@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032549-CVE-2026-23394-9205@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032549-CVE-2026-23395-5e50@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - redhat",
                    "url": "https://www.cve.org/CVERecord?id=CVE-2026-23340"
                },
                {
                    "category": "external",
                    "summary": "Reference - redhat",
                    "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-23340"
                },
                {
                    "category": "external",
                    "summary": "Reference - redhat",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032534-CVE-2026-23340-1aa9@gregkh/T"
                }
            ],
            "remediations": [
                {
                    "category": "vendor_fix",
                    "details": "CBL-Mariner Releases",
                    "product_ids": [
                        "CSAFPID-5761981"
                    ]
                }
            ],
            "scores": [
                {
                    "cvss_v3": {
                        "version": "3.1",
                        "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                        "baseScore": 7.8,
                        "baseSeverity": "HIGH"
                    },
                    "products": [
                        "CSAFPID-1289575",
                        "CSAFPID-1330297",
                        "CSAFPID-1439317",
                        "CSAFPID-1439319",
                        "CSAFPID-1439321",
                        "CSAFPID-1453376",
                        "CSAFPID-1453379",
                        "CSAFPID-1453380",
                        "CSAFPID-1453381",
                        "CSAFPID-1453382",
                        "CSAFPID-2036021",
                        "CSAFPID-2036024",
                        "CSAFPID-2858634",
                        "CSAFPID-2858635",
                        "CSAFPID-5761981",
                        "CSAFPID-5905194",
                        "CSAFPID-5905195",
                        "CSAFPID-5905196",
                        "CSAFPID-5905197",
                        "CSAFPID-5905198",
                        "CSAFPID-5905199"
                    ]
                }
            ],
            "title": "CVE-2026-23340"
        }
    ]
}