SB2026032099 - Improper Check for Unusual or Exceptional Conditions in Linux kernel core




Published: March 20, 2026

Security Bulletin ID: SB2026032099
Severity: Medium
Patch available: YES
Number of vulnerabilities: 1
Exploitation vector: Remote access
Highest impact: Denial of service

Breakdown by Severity

Medium 100%

Description

This security bulletin contains information about 1 security vulnerability.


1) Improper Check for Unusual or Exceptional Conditions (CVE-ID: CVE-2026-23254)

The vulnerability allows a remote attacker to cause a denial of service.

The vulnerability exists due to improper input validation in the UDP GRO complete stage when handling network packets. A remote attacker can send specially crafted network packets to cause a denial of service.

The issue arises because the udp4_gro_complete() function uses an incorrect network offset to compute the outer UDP header pseudo checksum when the 'encapsulation' flag is set, leading to checksum validation errors and subsequent packet processing failures.


Remediation

Install the update from the vendor's website.