Main Vulnerability Database SB2026020524

SB2026020524 - Improper locking in Linux kernel net ipvlan driver

Published: February 5, 2026

Security Bulletin ID SB2026020524

Severity

Low

Patch available

YES

Number of vulnerabilities 1

Exploitation vector Local access

Highest impact Denial of service

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 security vulnerability.

1) Improper locking (CVE-ID: CVE-2026-23103)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the ipvlan_port_create(), ipvlan_uninit(), ipvlan_open(), ipvlan_stop(), ipvlan_link_new(), ipvlan_link_delete(), ipvlan_add_addr(), ipvlan_del_addr(), ipvlan_add_addr6(), ipvlan_addr6_validator_event() and ipvlan_addr4_validator_event() functions in drivers/net/ipvlan/ipvlan_main.c. A local user can perform a denial of service (DoS) attack.

Remediation

Install update from vendor's website.

References

https://git.kernel.org/stable/c/04ba6de6eff61238e5397c14ac26a6578c7735a5
https://git.kernel.org/stable/c/1f300c10d92c547c3a7d978e1212ff52f18256ed
https://git.kernel.org/stable/c/6a81e2db096913d7e43aada1c350c1282e76db39
https://git.kernel.org/stable/c/d3ba32162488283c0a4c5bedd8817aec91748802