Use After Free in Linux kernel - CVE-2026-23351
Published: March 25, 2026
Vulnerability identifier: #VU124494
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2026-23351
CWE-ID: CWE-416
Exploitation vector: Local access
Exploit availability:
No public exploit available
Vendor: Linux Foundation
Affected software:
Linux kernel
Linux kernel
Detailed vulnerability description
The vulnerability allows a local user to cause a denial of service.
The vulnerability exists due to a use-after-free in the netfilter nft_set_pipapo component when handling a large number of expired elements during commit-time garbage collection. A local user can trigger prolonged non-preemptible execution to cause a denial of service.
Exploitation requires triggering garbage collection under a large number of expired elements, leading to soft lockup warnings and RCU stall reports.
How to mitigate CVE-2026-23351
Install security update from vendor's repository.
Sources
- https://git.kernel.org/stable/c/16f3595c0441d87dfa005c47d8f95be213afaa9e
- https://git.kernel.org/stable/c/500a50a301ce962b019ab95053ac70264fec2c21
- https://git.kernel.org/stable/c/7864c667aed01a58b87ca518a631322cd0ac34c0
- https://git.kernel.org/stable/c/9df95785d3d8302f7c066050117b04cd3c2048c2
- https://git.kernel.org/stable/c/aff13667708dfa0dce136b8efd81baa9fa6ef261
- https://git.kernel.org/stable/c/c12d570d71920903a1a0468b7d13b085203d0c93