Main Vulnerability Database SB20260310109

SB20260310109 - Double free in Linux kernel tls

Published: March 10, 2026

Security Bulletin ID SB20260310109

Severity

Low

Patch available

YES

Number of vulnerabilities 1

Exploitation vector Local access

Highest impact Denial of service

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 security vulnerability.

1) Double free (CVE-ID: CVE-2026-23240)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a double free error within the tls_sw_cancel_work_tx() function in net/tls/tls_sw.c. A local user can perform a denial of service (DoS) attack.

Remediation

Install update from vendor's website.

References

https://git.kernel.org/stable/c/17153f154f80be2b47ebf52840f2d8f724eb2f3b
https://git.kernel.org/stable/c/7bb09315f93dce6acc54bf59e5a95ba7365c2be4
https://git.kernel.org/stable/c/854cd32bc74fe573353095e90958490e4e4d641b
https://git.kernel.org/stable/c/a5de36d6cee74a92c1a21b260bc507e64bc451de