SB2026032569 - Out-of-bounds write in Linux kernel intel ice driver
Published: March 25, 2026
Security Bulletin ID
SB2026032569
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Local access
Highest impact
Denial of service
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Out-of-bounds write (CVE-ID: CVE-2026-23377)
The vulnerability allows a local user to cause a denial of service.
The vulnerability exists due to improper input validation in the ice driver's XDP RxQ configuration when handling XDP buffer size parameters. A local user can trigger a negative tailroom condition by using the XDP_ADJUST_TAIL_GROW_MULTI_BUFF xskxceiver test with a large packet size and offset to cause a kernel panic.
The issue arises specifically from incorrect assumptions about buffer size in the frag_size field, leading to memory corruption during XDP processing.
Remediation
Install update from vendor's website.