#VU124450 Use After Free in Linux kernel - CVE-2026-23392
Published: March 25, 2026
Linux kernel
Linux Foundation
Description
The vulnerability allows a local user to execute arbitrary code or escalate privileges.
The vulnerability exists due to a use-after-free in the netfilter nf_tables component when handling flowtable hooks during error conditions. A local user can trigger the condition through the improper release of a flowtable after an RCU grace period, leading to arbitrary code execution or privilege escalation.
Exploitation requires the ability to interact with the nfnetlink subsystem, typically available to local users with access to netfilter configuration interfaces.
Remediation
External links
- https://git.kernel.org/stable/c/7e3955b282eae20d61c75e499c75eade51c20060
- https://git.kernel.org/stable/c/adee3436ccd29f1e514c028899e400cbc6d84065
- https://git.kernel.org/stable/c/c8092edb9a11f20f95ccceeb9422b7dd0df337bd
- https://git.kernel.org/stable/c/d2632de96ccb066e0131ad1494241b9c281c60b8
- https://git.kernel.org/stable/c/d73f4b53aaaea4c95f245e491aa5eeb8a21874ce
- https://git.kernel.org/stable/c/e78a2dcc7cfb87b64a631441ca7681492b347ef6