CVE-2026-23372
In the Linux kernel, the following vulnerability has been resolved: nfc: rawsock: cancel tx_work before socket teardown In rawsock_release(), cancel any pending tx_work and purge the write queue before orphaning the socket. rawsock_tx_work runs on the system workqueue and calls nfc_data_exchange which dereferences the NCI device. Without synchronization, tx_work can race with socket and device teardown when a process is killed (e.g. by SIGKILL), leading to use-after-free or leaked references. Set SEND_SHUTDOWN first so that if tx_work is already running it will see the flag and skip transmitting, then use cancel_work_sync to wait for any in-progress execution to finish, and finally purge any remaining queued skbs.
EPSS 0.03% · 9.0th percentile
Risk Scores
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Linux | Linux | *, 23b7869c0fd08d73c9f83a2db88a13312d6198bb, 3.1 |
| linux | linux_kernel | 3.1, 3.1, 3.1 |
Exploit Intelligence
- https://git.kernel.org/stable/c/3ae592ed91bb4b6b51df256b51045c13d2656049 (circl)
- https://git.kernel.org/stable/c/722a28b635ec281bb08a23885223526d8e7d6526 (circl)
- https://git.kernel.org/stable/c/78141b8832e16d80d09cbefb4258612db0777a24 (circl)
- https://git.kernel.org/stable/c/edc988613def90c5b558e025b1b423f48007be06 (circl)
- https://git.kernel.org/stable/c/da4515fc8263c5933ed605e396af91079806dc45 (circl)
- https://git.kernel.org/stable/c/d793458c45df2aed498d7f74145eab7ee22d25aa (circl)
- 4593.2.0.yml (github-poc)
- 4593.2.0.yml (github-poc)
- 4593.2.0.yml (github-poc)
- 4593.2.0.yml (github-poc)
…and 8 more exploits
Timeline
- Mar 25, 2026 EPSS Score
- Mar 25, 2026 Coalition ESS Score
- Mar 25, 2026 CVE Published
- Mar 29, 2026 Security Advisory
- May 18, 2026 EPSS Score
- May 19, 2026 EPSS Score
- May 20, 2026 EPSS Score
- May 21, 2026 EPSS Score
- May 22, 2026 EPSS Score
- May 23, 2026 EPSS Score
- May 24, 2026 EPSS Score
- May 25, 2026 EPSS Score
References
- https://git.kernel.org/stable/c/3ae592ed91bb4b6b51df256b51045c13d2656049 url
- https://git.kernel.org/stable/c/722a28b635ec281bb08a23885223526d8e7d6526 url
- https://git.kernel.org/stable/c/78141b8832e16d80d09cbefb4258612db0777a24 url
- https://git.kernel.org/stable/c/edc988613def90c5b558e025b1b423f48007be06 url
- https://git.kernel.org/stable/c/da4515fc8263c5933ed605e396af91079806dc45 url
- https://git.kernel.org/stable/c/d793458c45df2aed498d7f74145eab7ee22d25aa url
- https://nvd.nist.gov/vuln/detail/CVE-2026-23372 advisory
- https://lists.debian.org/debian-lts-announce/2026/05/msg00004.html advisory
- https://lists.debian.org/debian-lts-announce/2026/05/msg00005.html advisory
- https://lists.debian.org/debian-security-announce/2026/msg00154.html advisory
- https://lists.debian.org/debian-security-announce/2026/msg00148.html advisory
- https://lists.debian.org/debian-lts-announce/2026/05/msg00051.html advisory
- https://lists.debian.org/debian-lts-announce/2026/05/msg00052.html advisory
- https://www.suse.com/support/update/announcement/2026/suse-su-202621930-1 advisory
- https://www.suse.com/support/update/announcement/2026/suse-su-202621841-1 advisory
- https://www.suse.com/support/update/announcement/2026/suse-su-20262238-1 advisory
- https://www.suse.com/support/update/announcement/2026/suse-su-202621974-1 advisory
- https://www.suse.com/support/update/announcement/2026/suse-su-20262217-1 advisory
- https://www.suse.com/support/update/announcement/2026/suse-su-202621979-1 advisory
- https://www.suse.com/support/update/announcement/2026/suse-su-20262149-1 advisory
…and 56 more