{
    "document": {
        "category": "csaf_base",
        "csaf_version": "2.0",
        "distribution": {
            "tlp": {
                "label": "WHITE"
            }
        },
        "lang": "en",
        "notes": [
            {
                "category": "legal_disclaimer",
                "text": "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this portal to enhance access to its information and vulnerabilities. The use of this information is subject to the following terms and conditions:\n\nThe vulnerabilities disclosed in this portal are gathered by NCSC-NL from a variety of open sources, which the user can retrieve from other platforms. NCSC-NL makes every reasonable effort to ensure that the content of this portal is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or real-time keeping up-to-date. NCSC-NL does not control nor guarantee the accuracy, relevance, timeliness or completeness of information obtained from these external sources. The vulnerabilities disclosed in this portal are intended solely for the convenience of professional parties to take appropriate measures to manage the risks posed to the cybersecurity. No rights can be derived from the information provided therein.\n\nNCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of the vulnerabilities disclosed in this portal. This includes damage resulting from the inaccuracy of incompleteness of the information contained in it.\nThe information on this page is subject to Dutch law. All disputes related to or arising from the use of this portal regarding the disclosure of vulnerabilities will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings."
            }
        ],
        "publisher": {
            "category": "coordinator",
            "contact_details": "cert@ncsc.nl",
            "name": "National Cyber Security Centre",
            "namespace": "https://www.ncsc.nl/"
        },
        "title": "CVE-2026-23393",
        "tracking": {
            "current_release_date": "2026-04-02T15:49:07.254561Z",
            "generator": {
                "date": "2026-02-17T15:00:00Z",
                "engine": {
                    "name": "V.E.L.M.A",
                    "version": "1.7"
                }
            },
            "id": "CVE-2026-23393",
            "initial_release_date": "2026-03-25T10:41:55.969244Z",
            "revision_history": [
                {
                    "date": "2026-03-25T10:41:55.969244Z",
                    "number": "1",
                    "summary": "CVE created.| Source created.| CVE status created. (valid)| Description created for source.| Products created (4).| Products connected (6).| References created (4)."
                },
                {
                    "date": "2026-03-25T10:42:07.761715Z",
                    "number": "2",
                    "summary": "NCSC Score created."
                },
                {
                    "date": "2026-03-25T11:33:35.023940Z",
                    "number": "3",
                    "summary": "Source created.| CVE status created. (valid)| Description created for source.| References created (4)."
                },
                {
                    "date": "2026-03-25T13:14:55.781655Z",
                    "number": "4",
                    "summary": "Source connected.| CVE status created. (valid)| Products connected (1).| References created (120)."
                },
                {
                    "date": "2026-03-25T13:15:00.016141Z",
                    "number": "5",
                    "summary": "NCSC Score updated."
                },
                {
                    "date": "2026-03-25T15:41:31.639086Z",
                    "number": "6",
                    "summary": "NCSC Score updated."
                },
                {
                    "date": "2026-03-25T18:45:16.693739Z",
                    "number": "7",
                    "summary": "Source created.| CVE status created. (valid)| Products connected (2)."
                },
                {
                    "date": "2026-03-25T18:45:19.565502Z",
                    "number": "8",
                    "summary": "NCSC Score updated."
                },
                {
                    "date": "2026-03-26T01:10:41.314925Z",
                    "number": "9",
                    "summary": "Source connected.| CVE status created. (valid)| EPSS created."
                },
                {
                    "date": "2026-03-26T01:10:44.095459Z",
                    "number": "10",
                    "summary": "NCSC Score updated."
                },
                {
                    "date": "2026-03-26T06:45:52.494984Z",
                    "number": "11",
                    "summary": "Description created for source."
                },
                {
                    "date": "2026-03-26T12:20:30.740556Z",
                    "number": "12",
                    "summary": "Source connected.| CVE status created. (valid)| Description created for source.| CVSS created.| Products connected (1)."
                },
                {
                    "date": "2026-03-26T12:20:33.277867Z",
                    "number": "13",
                    "summary": "NCSC Score updated."
                },
                {
                    "date": "2026-04-02T15:27:16.832312Z",
                    "number": "14",
                    "summary": "CVSS created."
                },
                {
                    "date": "2026-04-02T15:27:18.720306Z",
                    "number": "15",
                    "summary": "NCSC Score updated."
                },
                {
                    "date": "2026-04-02T15:39:58.908339Z",
                    "number": "16",
                    "summary": "CVSS created."
                },
                {
                    "date": "2026-04-02T15:40:01.474001Z",
                    "number": "17",
                    "summary": "NCSC Score updated."
                }
            ],
            "status": "interim",
            "version": "17"
        }
    },
    "product_tree": {
        "branches": [
            {
                "branches": [
                    {
                        "branches": [
                            {
                                "category": "product_version_range",
                                "name": "vers:git/dc32cbb3dbd7da38c700d6e0fc6354df24920525|<1fd81151f65927fd9edb8ecd12ad45527dbbe5ab",
                                "product": {
                                    "name": "vers:git/dc32cbb3dbd7da38c700d6e0fc6354df24920525|<1fd81151f65927fd9edb8ecd12ad45527dbbe5ab",
                                    "product_id": "CSAFPID-5905060"
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:git/dc32cbb3dbd7da38c700d6e0fc6354df24920525|<3715a00855316066cdda69d43648336367422127",
                                "product": {
                                    "name": "vers:git/dc32cbb3dbd7da38c700d6e0fc6354df24920525|<3715a00855316066cdda69d43648336367422127",
                                    "product_id": "CSAFPID-5905061"
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:git/dc32cbb3dbd7da38c700d6e0fc6354df24920525|<d8f35767bacb3c7769d470a41cf161e3f3c07e70",
                                "product": {
                                    "name": "vers:git/dc32cbb3dbd7da38c700d6e0fc6354df24920525|<d8f35767bacb3c7769d470a41cf161e3f3c07e70",
                                    "product_id": "CSAFPID-5905059"
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:git/dc32cbb3dbd7da38c700d6e0fc6354df24920525|<e89dbd2736a45f0507949af4748cbbf3ff793146",
                                "product": {
                                    "name": "vers:git/dc32cbb3dbd7da38c700d6e0fc6354df24920525|<e89dbd2736a45f0507949af4748cbbf3ff793146",
                                    "product_id": "CSAFPID-5905058"
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:semver/6.12.78|<=6.12.*",
                                "product": {
                                    "name": "vers:semver/6.12.78|<=6.12.*",
                                    "product_id": "CSAFPID-5904671"
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:semver/6.18.20|<=6.18.*",
                                "product": {
                                    "name": "vers:semver/6.18.20|<=6.18.*",
                                    "product_id": "CSAFPID-5905005"
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:semver/6.19.10|<=6.19.*",
                                "product": {
                                    "name": "vers:semver/6.19.10|<=6.19.*",
                                    "product_id": "CSAFPID-5905006"
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:semver/<5.11",
                                "product": {
                                    "name": "vers:semver/<5.11",
                                    "product_id": "CSAFPID-1287338"
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/5.11",
                                "product": {
                                    "name": "vers:unknown/5.11",
                                    "product_id": "CSAFPID-1287337"
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/7.0-rc5|<=*",
                                "product": {
                                    "name": "vers:unknown/7.0-rc5|<=*",
                                    "product_id": "CSAFPID-5905027"
                                }
                            }
                        ],
                        "category": "product_name",
                        "name": "Linux"
                    }
                ],
                "category": "vendor",
                "name": "Linux"
            },
            {
                "branches": [
                    {
                        "branches": [
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/unknown",
                                "product": {
                                    "name": "vers:unknown/unknown",
                                    "product_id": "CSAFPID-1330297",
                                    "product_identification_helper": {
                                        "cpe": "cpe:/o:linux:linux_kernel:-"
                                    }
                                }
                            }
                        ],
                        "category": "product_name",
                        "name": "Open Source Linux Kernel"
                    }
                ],
                "category": "vendor",
                "name": "Open Source"
            },
            {
                "branches": [
                    {
                        "branches": [
                            {
                                "branches": [
                                    {
                                        "category": "product_version_range",
                                        "name": "vers:microsoft/*",
                                        "product": {
                                            "name": "vers:microsoft/*",
                                            "product_id": "CSAFPID-5761981",
                                            "product_identification_helper": {
                                                "cpe": "cpe:2.3:a:microsoft:azl3_kernel_6.6.126.1-1:*:*:*:*:*:*:*:*"
                                            }
                                        }
                                    }
                                ],
                                "category": "product_name",
                                "name": "azl3 kernel 6.6.126.1-1 on Azure Linux 3.0"
                            }
                        ],
                        "category": "product_family",
                        "name": "Open Source Software"
                    }
                ],
                "category": "vendor",
                "name": "Microsoft"
            },
            {
                "branches": [
                    {
                        "branches": [
                            {
                                "branches": [
                                    {
                                        "category": "product_version_range",
                                        "name": "vers:deb/unknown",
                                        "product": {
                                            "name": "vers:deb/unknown",
                                            "product_id": "CSAFPID-2036024"
                                        }
                                    }
                                ],
                                "category": "product_name",
                                "name": "linux"
                            }
                        ],
                        "category": "product_family",
                        "name": "bookworm"
                    },
                    {
                        "branches": [
                            {
                                "branches": [
                                    {
                                        "category": "product_version_range",
                                        "name": "vers:deb/*",
                                        "product": {
                                            "name": "vers:deb/*",
                                            "product_id": "CSAFPID-2036023"
                                        }
                                    }
                                ],
                                "category": "product_name",
                                "name": "linux"
                            }
                        ],
                        "category": "product_family",
                        "name": "bullseye"
                    }
                ],
                "category": "vendor",
                "name": "Debian"
            }
        ]
    },
    "vulnerabilities": [
        {
            "cve": "CVE-2026-23393",
            "notes": [
                {
                    "category": "description",
                    "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbridge: cfm: Fix race condition in peer_mep deletion\n\nWhen a peer MEP is being deleted, cancel_delayed_work_sync() is called\non ccm_rx_dwork before freeing. However, br_cfm_frame_rx() runs in\nsoftirq context under rcu_read_lock (without RTNL) and can re-schedule\nccm_rx_dwork via ccm_rx_timer_start() between cancel_delayed_work_sync()\nreturning and kfree_rcu() being called.\n\nThe following is a simple race scenario:\n\n           cpu0                                     cpu1\n\nmep_delete_implementation()\n  cancel_delayed_work_sync(ccm_rx_dwork);\n                                           br_cfm_frame_rx()\n                                             // peer_mep still in hlist\n                                             if (peer_mep->ccm_defect)\n                                               ccm_rx_timer_start()\n                                                 queue_delayed_work(ccm_rx_dwork)\n  hlist_del_rcu(&peer_mep->head);\n  kfree_rcu(peer_mep, rcu);\n                                           ccm_rx_work_expired()\n                                             // on freed peer_mep\n\nTo prevent this, cancel_delayed_work_sync() is replaced with\ndisable_delayed_work_sync() in both peer MEP deletion paths, so\nthat subsequent queue_delayed_work() calls from br_cfm_frame_rx()\nare silently rejected.\n\nThe cc_peer_disable() helper retains cancel_delayed_work_sync()\nbecause it is also used for the CC enable/disable toggle path where\nthe work must remain re-schedulable.",
                    "title": "cveprojectv5 - https://raw.githubusercontent.com/CVEProject/cvelistV5/main/cves/2026/23xxx/CVE-2026-23393.json"
                },
                {
                    "category": "description",
                    "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbridge: cfm: Fix race condition in peer_mep deletion\n\nWhen a peer MEP is being deleted, cancel_delayed_work_sync() is called\non ccm_rx_dwork before freeing. However, br_cfm_frame_rx() runs in\nsoftirq context under rcu_read_lock (without RTNL) and can re-schedule\nccm_rx_dwork via ccm_rx_timer_start() between cancel_delayed_work_sync()\nreturning and kfree_rcu() being called.\n\nThe following is a simple race scenario:\n\n           cpu0                                     cpu1\n\nmep_delete_implementation()\n  cancel_delayed_work_sync(ccm_rx_dwork);\n                                           br_cfm_frame_rx()\n                                             // peer_mep still in hlist\n                                             if (peer_mep->ccm_defect)\n                                               ccm_rx_timer_start()\n                                                 queue_delayed_work(ccm_rx_dwork)\n  hlist_del_rcu(&peer_mep->head);\n  kfree_rcu(peer_mep, rcu);\n                                           ccm_rx_work_expired()\n                                             // on freed peer_mep\n\nTo prevent this, cancel_delayed_work_sync() is replaced with\ndisable_delayed_work_sync() in both peer MEP deletion paths, so\nthat subsequent queue_delayed_work() calls from br_cfm_frame_rx()\nare silently rejected.\n\nThe cc_peer_disable() helper retains cancel_delayed_work_sync()\nbecause it is also used for the CC enable/disable toggle path where\nthe work must remain re-schedulable.",
                    "title": "nvd - https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2026-23393"
                },
                {
                    "category": "description",
                    "text": "In the Linux kernel, the following vulnerability has been resolved:  bridge: cfm: Fix race condition in peer_mep deletion  When a peer MEP is being deleted, cancel_delayed_work_sync() is called on ccm_rx_dwork before freeing. However, br_cfm_frame_rx() runs in softirq context under rcu_read_lock (without RTNL) and can re-schedule ccm_rx_dwork via ccm_rx_timer_start() between cancel_delayed_work_sync() returning and kfree_rcu() being called.  The following is a simple race scenario:             cpu0                                     cpu1  mep_delete_implementation()   cancel_delayed_work_sync(ccm_rx_dwork);                                            br_cfm_frame_rx()                                              // peer_mep still in hlist                                              if (peer_mep->ccm_defect)                                                ccm_rx_timer_start()                                                  queue_delayed_work(ccm_rx_dwork)   hlist_del_rcu(&peer_mep->head);   kfree_rcu(peer_mep, rcu);                                            ccm_rx_work_expired()                                              // on freed peer_mep  To prevent this, cancel_delayed_work_sync() is replaced with disable_delayed_work_sync() in both peer MEP deletion paths, so that subsequent queue_delayed_work() calls from br_cfm_frame_rx() are silently rejected.  The cc_peer_disable() helper retains cancel_delayed_work_sync() because it is also used for the CC enable/disable toggle path where the work must remain re-schedulable.",
                    "title": "debian - https://security-tracker.debian.org/tracker/CVE-2026-23393"
                },
                {
                    "category": "description",
                    "text": "bridge: cfm: Fix race condition in peer\\_mep deletion",
                    "title": "microsoft - https://api.msrc.microsoft.com/cvrf/v3.0/cvrf/2026-Mar"
                },
                {
                    "category": "other",
                    "text": "0.00018",
                    "title": "EPSS"
                },
                {
                    "category": "other",
                    "text": "3.9",
                    "title": "NCSC Score"
                },
                {
                    "category": "other",
                    "text": "There is product data available from source Certbundde",
                    "title": "NCSC Score top increasing factors"
                },
                {
                    "category": "other",
                    "text": "The value of the most recent EPSS score, Is related to a product by vendor Linux",
                    "title": "NCSC Score top decreasing factors"
                }
            ],
            "product_status": {
                "known_affected": [
                    "CSAFPID-1287337",
                    "CSAFPID-5905058",
                    "CSAFPID-5905059",
                    "CSAFPID-5905060",
                    "CSAFPID-5905061",
                    "CSAFPID-1330297",
                    "CSAFPID-2036024",
                    "CSAFPID-5761981"
                ],
                "known_not_affected": [
                    "CSAFPID-1287338",
                    "CSAFPID-5904671",
                    "CSAFPID-5905005",
                    "CSAFPID-5905006",
                    "CSAFPID-5905027",
                    "CSAFPID-2036023"
                ]
            },
            "references": [
                {
                    "category": "external",
                    "summary": "Source - cveprojectv5",
                    "url": "https://raw.githubusercontent.com/CVEProject/cvelistV5/main/cves/2026/23xxx/CVE-2026-23393.json"
                },
                {
                    "category": "external",
                    "summary": "Source - nvd",
                    "url": "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2026-23393"
                },
                {
                    "category": "external",
                    "summary": "Source - certbundde",
                    "url": "https://wid.cert-bund.de/.well-known/csaf/white/2026/wid-sec-w-2026-0861.json"
                },
                {
                    "category": "external",
                    "summary": "Source - debian",
                    "url": "https://security-tracker.debian.org/tracker/CVE-2026-23393"
                },
                {
                    "category": "external",
                    "summary": "Source - first",
                    "url": "https://api.first.org/data/v1/epss?limit=10000&offset=0"
                },
                {
                    "category": "external",
                    "summary": "Source - microsoft",
                    "url": "https://api.msrc.microsoft.com/cvrf/v3.0/cvrf/2026-Mar"
                },
                {
                    "category": "external",
                    "summary": "Reference - cveprojectv5; nvd",
                    "url": "https://git.kernel.org/stable/c/e89dbd2736a45f0507949af4748cbbf3ff793146"
                },
                {
                    "category": "external",
                    "summary": "Reference - cveprojectv5; nvd",
                    "url": "https://git.kernel.org/stable/c/d8f35767bacb3c7769d470a41cf161e3f3c07e70"
                },
                {
                    "category": "external",
                    "summary": "Reference - cveprojectv5; nvd",
                    "url": "https://git.kernel.org/stable/c/1fd81151f65927fd9edb8ecd12ad45527dbbe5ab"
                },
                {
                    "category": "external",
                    "summary": "Reference - cveprojectv5; nvd",
                    "url": "https://git.kernel.org/stable/c/3715a00855316066cdda69d43648336367422127"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://wid.cert-bund.de/.well-known/csaf/white/2026/wid-sec-w-2026-0861.json"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0861"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032522-CVE-2026-23279-cf34@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032523-CVE-2026-23280-cd9e@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032523-CVE-2026-23281-2e62@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032523-CVE-2026-23282-bad0@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032523-CVE-2026-23283-3d92@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032523-CVE-2026-23284-ca53@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032524-CVE-2026-23285-ad41@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032524-CVE-2026-23286-8a7e@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032524-CVE-2026-23287-93b2@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032524-CVE-2026-23288-1d11@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032524-CVE-2026-23289-aa54@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032525-CVE-2026-23290-af97@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032525-CVE-2026-23291-eae3@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032525-CVE-2026-23292-67e8@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032525-CVE-2026-23293-b422@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032525-CVE-2026-23294-1682@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032526-CVE-2026-23295-59d2@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032526-CVE-2026-23296-eb4a@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032526-CVE-2026-23297-bcad@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032526-CVE-2026-23298-fad9@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032526-CVE-2026-23299-6471@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032526-CVE-2026-23300-9bc4@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032527-CVE-2026-23301-09e7@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032527-CVE-2026-23302-e03d@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032527-CVE-2026-23303-8e38@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032527-CVE-2026-23304-485b@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032527-CVE-2026-23305-5fa4@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032528-CVE-2026-23306-8854@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032528-CVE-2026-23307-60f2@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032528-CVE-2026-23308-1e72@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032528-CVE-2026-23309-4243@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032528-CVE-2026-23310-9b67@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032529-CVE-2026-23311-8c0b@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032529-CVE-2026-23312-2b11@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032529-CVE-2026-23313-925e@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032529-CVE-2026-23314-166c@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032529-CVE-2026-23315-9ac1@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032530-CVE-2026-23316-2ce3@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032530-CVE-2026-23317-0e9e@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032530-CVE-2026-23318-bef0@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032530-CVE-2026-23319-1e3d@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032530-CVE-2026-23320-0ae7@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032530-CVE-2026-23321-6059@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032531-CVE-2026-23322-9fd3@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032531-CVE-2026-23323-53db@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032531-CVE-2026-23324-bc9e@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032531-CVE-2026-23325-4e3b@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032531-CVE-2026-23326-ffc6@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032532-CVE-2026-23327-c497@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032532-CVE-2026-23328-9600@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032532-CVE-2026-23329-c743@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032532-CVE-2026-23330-00fd@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032532-CVE-2026-23331-735b@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032533-CVE-2026-23332-50e0@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032533-CVE-2026-23333-417f@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032533-CVE-2026-23334-1b12@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032533-CVE-2026-23335-602d@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032533-CVE-2026-23336-d365@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032534-CVE-2026-23337-5018@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032534-CVE-2026-23338-67c7@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032534-CVE-2026-23339-263f@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032534-CVE-2026-23340-1aa9@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032534-CVE-2026-23341-3f7b@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032535-CVE-2026-23342-8456@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032535-CVE-2026-23343-dc2b@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032535-CVE-2026-23344-0279@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032535-CVE-2026-23345-c154@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032535-CVE-2026-23346-faed@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032536-CVE-2026-23347-fa08@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032536-CVE-2026-23348-e792@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032536-CVE-2026-23349-aa6a@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032536-CVE-2026-23350-f4be@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032536-CVE-2026-23351-637f@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032537-CVE-2026-23352-18f2@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032537-CVE-2026-23353-d0c3@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032537-CVE-2026-23354-d9b2@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032537-CVE-2026-23355-86df@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032537-CVE-2026-23356-0014@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032538-CVE-2026-23357-605e@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032538-CVE-2026-23358-1042@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032538-CVE-2026-23359-35fd@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032538-CVE-2026-23360-c464@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032539-CVE-2026-23361-bd5c@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032539-CVE-2026-23362-40bd@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032539-CVE-2026-23363-3e24@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032539-CVE-2026-23364-4267@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032539-CVE-2026-23365-76d3@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032540-CVE-2026-23366-a7c4@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032540-CVE-2026-23367-6e44@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032540-CVE-2026-23368-c240@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032540-CVE-2026-23369-b6c6@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032540-CVE-2026-23370-02d2@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032541-CVE-2026-23371-1b32@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032541-CVE-2026-23372-7bc9@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032541-CVE-2026-23373-0203@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032541-CVE-2026-23374-9345@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032541-CVE-2026-23375-91b1@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032542-CVE-2026-23376-114a@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032542-CVE-2026-23377-cb04@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032542-CVE-2026-23378-f329@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032542-CVE-2026-23379-3b2d@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032542-CVE-2026-23380-9e3c@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032543-CVE-2026-23381-378d@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032543-CVE-2026-23382-26fe@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032543-CVE-2026-23383-f205@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032543-CVE-2026-23384-489a@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032543-CVE-2026-23385-3414@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032544-CVE-2026-23386-acc4@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032544-CVE-2026-23387-4399@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032544-CVE-2026-23388-9e71@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032544-CVE-2026-23389-2056@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032537-CVE-2026-23390-7146@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032548-CVE-2026-23391-bb43@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032548-CVE-2026-23392-fd9d@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032548-CVE-2026-23393-c395@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032549-CVE-2026-23394-9205@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026032549-CVE-2026-23395-5e50@gregkh/"
                }
            ],
            "scores": [
                {
                    "cvss_v3": {
                        "version": "3.1",
                        "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                        "baseScore": 7.8,
                        "baseSeverity": "HIGH"
                    },
                    "products": [
                        "CSAFPID-1287337",
                        "CSAFPID-1330297",
                        "CSAFPID-2036024",
                        "CSAFPID-5761981",
                        "CSAFPID-5905058",
                        "CSAFPID-5905059",
                        "CSAFPID-5905060",
                        "CSAFPID-5905061"
                    ]
                }
            ],
            "title": "CVE-2026-23393"
        }
    ]
}