CVE-2026-23357
In the Linux kernel, the following vulnerability has been resolved: can: mcp251x: fix deadlock in error path of mcp251x_open The mcp251x_open() function call free_irq() in its error path with the mpc_lock mutex held. But if an interrupt already occurred the interrupt handler will be waiting for the mpc_lock and free_irq() will deadlock waiting for the handler to finish. This issue is similar to the one fixed in commit 7dd9c26bd6cf ("can: mcp251x: fix deadlock if an interrupt occurs during mcp251x_open") but for the error path. To solve this issue move the call to free_irq() after the lock is released. Setting `priv->force_quit = 1` beforehand ensure that the IRQ handler will exit right away once it acquired the lock.
EPSS 0.02% · 7.2th percentile
Risk Scores
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| linux | linux_kernel | 2.6.34, 2.6.34, 2.6.34 |
| Linux | Linux | bf66f3736a945dd4e92d86427276c6eeab0a6c1d, bf66f3736a945dd4e92d86427276c6eeab0a6c1d, bf66f3736a945dd4e92d86427276c6eeab0a6c1d |
Exploit Intelligence
- CIRCL seen: CVE-2026-23357 (circl-sighting)
- CIRCL seen: CVE-2026-23357 (circl-sighting)
- CIRCL seen: CVE-2026-23357 (circl-sighting)
- https://git.kernel.org/stable/c/739454057572cb0948658d1142f3fa2c6966465c (circl)
- https://git.kernel.org/stable/c/416c18ecddafab0ed09be1e7b9d2f448f3d4db16 (circl)
- https://git.kernel.org/stable/c/256f0cff6e946c570392bda1d01a65e789a7afd0 (circl)
- https://git.kernel.org/stable/c/b73832292cd914e87a55e863ba4413a907e7db6b (circl)
- https://git.kernel.org/stable/c/38063cc435b69d56e76f947c10d336fcb2953508 (circl)
- https://git.kernel.org/stable/c/d27f12c3f5e85efc479896af4a69eccb37f75e8e (circl)
- https://git.kernel.org/stable/c/e728f444c913a91d290d1824b4770780bbd6378e (circl)
…and 16 more exploits
Timeline
- Mar 25, 2026 EPSS Score
- Mar 25, 2026 Coalition ESS Score
- Mar 25, 2026 CVE Published
- Mar 29, 2026 Security Advisory
- Mar 29, 2026 PoC Published
- Mar 31, 2026 Security Advisory
- Mar 31, 2026 Security Advisory
- Mar 31, 2026 Security Advisory
- Mar 31, 2026 Security Advisory
- Mar 31, 2026 Security Advisory
- Mar 31, 2026 Security Advisory
- Mar 31, 2026 Security Advisory
References
- https://git.kernel.org/stable/c/256f0cff6e946c570392bda1d01a65e789a7afd0 url
- https://git.kernel.org/stable/c/b73832292cd914e87a55e863ba4413a907e7db6b url
- https://git.kernel.org/stable/c/38063cc435b69d56e76f947c10d336fcb2953508 url
- https://git.kernel.org/stable/c/d27f12c3f5e85efc479896af4a69eccb37f75e8e url
- https://git.kernel.org/stable/c/e728f444c913a91d290d1824b4770780bbd6378e url
- https://git.kernel.org/stable/c/ab3f894de216f4a62adc3b57e9191888cbf26885 url
- https://nvd.nist.gov/vuln/detail/CVE-2026-23357 advisory
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-32748 advisory
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-4438 advisory
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23347 advisory
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23268 advisory
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23392 advisory
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23319 advisory
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23253 advisory
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23296 advisory
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23364 advisory
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23368 advisory
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-27654 advisory
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-30922 advisory
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23286 advisory
…and 135 more