SB2026032570 - Out-of-bounds write in Linux kernel sched
Published: March 25, 2026
Description
This security bulletin contains information about 1 security vulnerability.
1) Out-of-bounds write (CVE-ID: CVE-2026-23378)
The vulnerability allows a local user to execute arbitrary code or cause a denial of service.
The vulnerability exists due to improper memory access in the net/sched act_ife component (the IFE traffic-control action) when metadata lists are updated during packet processing. A local user can send a specially crafted request to trigger an out-of-bounds memory write in the ife_tlv_meta_encode function, which encodes the action's metadata as TLVs into the packet.
Exploitation requires the ability to configure or trigger traffic control (tc) actions, which means CAP_NET_ADMIN over the network namespace. That is normally root, but where unprivileged user namespaces are enabled an ordinary local user can obtain CAP_NET_ADMIN in a namespace of their own, so the precondition should not be treated as root-only.
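The following is an added exposure check, not from the bulletin, the kernel project or any vendor. It reports, for the host it runs on, whether act_ife is built in or a loadable module, whether it is currently loaded, and whether unprivileged user namespaces are enabled (the usual route by which an unprivileged local user gains CAP_NET_ADMIN and so the ability to request tc actions, including module autoload). The parsing functions take their input as arguments so they can be exercised on the constructed samples embedded in the script. Assumptions: upstream sysctl semantics (user.max_user_namespaces=0 disables user namespace creation; Debian-style kernel.unprivileged_userns_clone=0 where present), the kernel config in /boot/config-$(uname -r) or /proc/config.gz, and that a modprobe `install act_ife /bin/false` rule is sufficient to stop autoload, which only helps when the action is built as a module.

```shell
#!/bin/sh
# Exposure check for the act_ife out-of-bounds write (CVE-2026-23378).
# Added example: not from the bulletin, the kernel project or any vendor.
# Assumptions: upstream sysctl semantics for user namespaces, kernel config in
# /boot/config-$(uname -r) or /proc/config.gz, and that a modprobe "install"
# rule stops act_ife from being autoloaded by tc (module builds only).

# Constructed sample inputs (not taken from a real host) so the parsers below
# can be exercised anywhere.
SAMPLE_LSMOD='Module                  Size  Used by
act_ife                16384  0
act_gact               16384  1
cls_u32                20480  1'
SAMPLE_CONFIG='CONFIG_NET_SCHED=y
# CONFIG_NET_ACT_GACT is not set
CONFIG_NET_ACT_IFE=m
CONFIG_NET_IFE=m'

# module_loaded LSMOD_OUTPUT NAME -> exit 0 if NAME appears as a loaded module
module_loaded() {
    printf '%s\n' "$1" | awk -v m="$2" 'BEGIN { rc = 1 } $1 == m { rc = 0 } END { exit rc }'
}

# kconfig_state CONFIG_TEXT SYMBOL -> prints y (built in), m (module), n (off)
# or unknown (no config text available)
kconfig_state() {
    [ -z "$1" ] && { echo unknown; return; }
    printf '%s\n' "$1" | awk -v s="$2" '
        BEGIN { st = "n" }
        $0 == (s "=y") { st = "y" }
        $0 == (s "=m") { st = "m" }
        END { print st }'
}

# unpriv_userns_enabled MAX_USER_NAMESPACES [UNPRIVILEGED_USERNS_CLONE]
# -> exit 0 if unprivileged users can create user namespaces. An empty first
# value means the sysctl is absent (no user namespace support): treated as off.
unpriv_userns_enabled() {
    max_ns="$1"; clone="${2:-1}"
    [ -n "$max_ns" ] && [ "$max_ns" != 0 ] && [ "$clone" != 0 ]
}

# verdict STATE USERNS(yes/no) -> one-word exposure summary. An "unknown"
# config is treated like a built-in, since the code cannot be ruled out.
verdict() {
    if [ "$1" = n ]; then echo not-built
    elif [ "$2" = yes ]; then echo exposed-to-unprivileged-local-users
    elif [ "$1" = m ]; then echo root-only-blockable-via-modprobe
    else echo root-only-patch-required
    fi
}

# Inspect the running host and print the result with a mitigation hint.
check_host() {
    cfg="$(cat "/boot/config-$(uname -r)" 2>/dev/null)"
    [ -z "$cfg" ] && cfg="$(zcat /proc/config.gz 2>/dev/null)"
    state="$(kconfig_state "$cfg" CONFIG_NET_ACT_IFE)"
    if module_loaded "$(lsmod 2>/dev/null)" act_ife; then loaded=yes; else loaded=no; fi
    if unpriv_userns_enabled "$(cat /proc/sys/user/max_user_namespaces 2>/dev/null)" \
                             "$(cat /proc/sys/kernel/unprivileged_userns_clone 2>/dev/null)"
    then userns=yes; else userns=no; fi

    echo "act_ife: config=$state loaded=$loaded unprivileged_userns=$userns"
    echo "verdict: $(verdict "$state" "$userns")"
    if [ "$state" = m ]; then
        echo "interim mitigation if IFE actions are not used (then patch):"
        echo "  echo 'install act_ife /bin/false' > /etc/modprobe.d/disable-act_ife.conf"
        [ "$loaded" = yes ] && echo "  rmmod act_ife   # refused while an action still references it"
    fi
    return 0
}

check_host
```

The modprobe rule only prevents future autoload; an already loaded module stays in memory until it is unloaded, and a built-in (CONFIG_NET_ACT_IFE=y) kernel has no such switch, so there the only remediation is the update.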
Remediation
Install the update from the vendor's website (the git.kernel.org commits listed under References identify the relevant stable kernel changes).
References
- https://git.kernel.org/stable/c/56ade7ddea6ce605552341785d08e365c3f61861
- https://git.kernel.org/stable/c/5b1449301ca070814d866990b46f48d3f39ea4ee
- https://git.kernel.org/stable/c/691866c4cca54dc4df762276b49e89b36e046947
- https://git.kernel.org/stable/c/91a89d3bdc2f63d983adc13d1771631663c5dc1b
- https://git.kernel.org/stable/c/cd888c3966672239f2e0707b846a5a936ac9038a
- https://git.kernel.org/stable/c/e2cedd400c3ec0302ffca2490e8751772906ac23