#VU124779 Incomplete Blacklist to Cross-Site Scripting in Linux kernel - CVE-2026-23402

Published: April 1, 2026


Vulnerability identifier: #VU124779
Vulnerability risk: Low
CVSSv4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2026-23402
CWE-ID: CWE-692
Exploitation vector: Local access
Exploit availability: No public exploit available
Vulnerable software: Linux kernel
Software vendor: Linux Foundation

Description

The vulnerability allows a local user to cause a denial of service.

The vulnerability exists due to improper input validation in KVM's x86/mmu component when handling SPTE (shadow page table entry) updates from host userspace. A local user can trigger a kernel warning condition that leads to a system crash, causing a denial of service.

Exploitation requires access to host userspace. The issue affects virtualized environments using KVM with EPT and arises when SPTEs are modified outside the scope of KVM's write tracking.
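The following triage helper is an added example, not part of the advisory, for a host administrator who wants to judge how much this issue matters on a given machine. It assumes two things the advisory does not state: that the kernel warning only escalates to a host crash when the sysctl kernel.panic_on_warn is set to 1, and that the exposed configuration is a KVM host with EPT enabled, read here from the kvm_intel module parameter ept.

```shell
#!/bin/sh
# Added triage helper for CVE-2026-23402 (example code, not from the advisory).
# Assumption: a kernel WARN becomes a panic (denial of service) only when
# kernel.panic_on_warn=1; otherwise it is logged and the host keeps running.
# Assumption: the exposed setup is a KVM host with EPT, visible as the
# kvm_intel module parameter "ept" reading Y.

# read_or_default FILE DEFAULT: print the first line of FILE, or DEFAULT if
# FILE is missing or unreadable (e.g. kvm_intel not loaded).
read_or_default() {
    if [ -r "$1" ]; then head -n 1 "$1"; else printf '%s\n' "$2"; fi
}

# assess PANIC_ON_WARN EPT: classify exposure from two already-collected values.
# Prints exactly one of: not-kvm-ept, warn-only, crash-on-warn.
assess() {
    panic_on_warn=$1
    ept=$2
    case "$ept" in
        Y|y|1) ;;                               # EPT on: host is in scope
        *) printf 'not-kvm-ept\n'; return 0 ;;  # no KVM/EPT: out of scope
    esac
    if [ "$panic_on_warn" = "1" ]; then
        printf 'crash-on-warn\n'                # WARN panics the whole host
    else
        printf 'warn-only\n'                    # WARN is logged, host survives
    fi
}

# host_assessment: gather the two values from the running kernel and classify.
host_assessment() {
    pow=$(read_or_default /proc/sys/kernel/panic_on_warn 0)
    ept=$(read_or_default /sys/module/kvm_intel/parameters/ept N)
    assess "$pow" "$ept"
}

printf 'Exposure on this host: %s\n' "$(host_assessment)"
```

A result of crash-on-warn means the unpatched host can be taken down by the condition described above, so the vendor update should be prioritised on such machines.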


Remediation

Install the security update from the vendor's repository.

External links