CVE-2026-23392
In the Linux kernel, the following vulnerability has been resolved:

netfilter: nf_tables: release flowtable after rcu grace period on error

Call synchronize_rcu() after unregistering the hooks from error path, since a hook that already refers to this flowtable can be already registered, exposing this flowtable to packet path and nfnetlink_hook control plane.

This error path is rare, it should only happen by reaching the maximum number of hooks or by failing to set up hardware offload, just call synchronize_rcu().

There is a check for already used device hooks by different flowtable that could result in EEXIST at this late stage. The hook parser can be updated to perform this check earlier so this error path really becomes rarely exercised.

Uncovered by KASAN reported as use-after-free from nfnetlink_hook path when dumping hooks.
EPSS 0.02% · 4.8th percentile
Risk Scores
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Linux | Linux | 7.0, 0, 6.1.167 |
| linux | linux_kernel | 4.16, 4.16, 4.16 |
Timeline
- Mar 25, 2026 EPSS Score
- Mar 25, 2026 Coalition ESS Score
- Mar 25, 2026 CVE Published
- Mar 25, 2026 PoC Published
- Mar 26, 2026 PoC Published
- Mar 29, 2026 Security Advisory
- Mar 29, 2026 PoC Published
- Mar 31, 2026 Security Advisory
- Mar 31, 2026 Security Advisory
- Mar 31, 2026 Security Advisory
- Mar 31, 2026 Security Advisory
- Mar 31, 2026 Security Advisory
References
- https://git.kernel.org/stable/c/d2632de96ccb066e0131ad1494241b9c281c60b8 url
- https://git.kernel.org/stable/c/adee3436ccd29f1e514c028899e400cbc6d84065 url
- https://git.kernel.org/stable/c/7e3955b282eae20d61c75e499c75eade51c20060 url
- https://git.kernel.org/stable/c/c8092edb9a11f20f95ccceeb9422b7dd0df337bd url
- https://git.kernel.org/stable/c/e78a2dcc7cfb87b64a631441ca7681492b347ef6 url
- https://git.kernel.org/stable/c/d73f4b53aaaea4c95f245e491aa5eeb8a21874ce url
- https://nvd.nist.gov/vuln/detail/CVE-2026-23392 advisory
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-32748 advisory
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-4438 advisory
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23347 advisory
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23268 advisory
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23392 advisory
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23319 advisory
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23253 advisory
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23296 advisory
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23364 advisory
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23368 advisory
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-27654 advisory
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-30922 advisory
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23286 advisory