SB2026032099 - Improper Check for Unusual or Exceptional Conditions in Linux kernel core



SB2026032099 - Improper Check for Unusual or Exceptional Conditions in Linux kernel core

Published: March 20, 2026

Security Bulletin ID SB2026032099
CSH Severity
Medium
Patch available
YES
Number of vulnerabilities 1
Exploitation vector Remote access
Highest impact Denial of service

Breakdown by Severity

Medium 100%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 1 vulnerability.


1) Improper Check for Unusual or Exceptional Conditions (CVE-ID: CVE-2026-23254)

CWE-ID: CWE-754 - Improper Check for Unusual or Exceptional Conditions

CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green


The vulnerability allows a remote attacker to cause a denial of service.

The vulnerability exists due to improper input validation in the UDP GRO complete stage when handling network packets. A remote attacker can send specially crafted network packets to cause a denial of service.

The issue arises because the udp4_gro_complete() function uses an incorrect network offset to compute the outer UDP header pseudo checksum when the 'encapsulation' flag is set, leading to checksum validation errors and subsequent packet processing failures.


Remediation

Install update from vendor's website.