HarborGuard / CVE
Back to search
HIGHCVE-2026-23204Published Modified CNA Linux

CVE-2026-23204: net/sched: cls_u32: use skb_header_pointer_careful()

In the Linux kernel, the following vulnerability has been resolved: net/sched: cls_u32: use skb_header_pointer_careful() skb_header_pointer() does not fully validate negative @offset values. Use skb_header_pointer_careful() instead. GangMin Kim provided a report and a repro fooling u32_classify(): BUG: KASAN: slab-out-of-bounds in u32_classify+0x1180/0x11b0 net/sched/cls_u32.c:221

Metrics

CVSS v3.1
7.1
Severity
HIGH
Fixed in
0
Affected Products
2

Fix available

013336a6239b9d7c6e61483017bb8bdfe3ceb10a56.1.1676.6.1246.12.706.18.106.198a672f177ebe19c93d795fbe967846084fbc7943cabd1a976375780dabab888784e356f574bbaed8cfa745830e45ecb75c061aa34330ee0cac941cc7e41a23e61259f5526af875c3b86b3d42a9bae0e5
Affected packages
  • Linux / Linux
    < cfa745830e45ecb75c061aa34330ee0cac941cc7 (from fbc2e7d9cf49e0bf89b9e91fd60a06851a855c5d) · < 13336a6239b9d7c6e61483017bb8bdfe3ceb10a5 (from fbc2e7d9cf49e0bf89b9e91fd60a06851a855c5d) · < e41a23e61259f5526af875c3b86b3d42a9bae0e5 (from fbc2e7d9cf49e0bf89b9e91fd60a06851a855c5d) · < 8a672f177ebe19c93d795fbe967846084fbc7943 (from fbc2e7d9cf49e0bf89b9e91fd60a06851a855c5d) · < cabd1a976375780dabab888784e356f574bbaed8 (from fbc2e7d9cf49e0bf89b9e91fd60a06851a855c5d)
  • Linux / Linux
    2.6.35
    Fixed in 0, 6.1.167, 6.6.124, 6.12.70, 6.18.10, 6.19
CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
References