Global Out-of-Bounds Vulnerability in Linux Kernel Bonding for Ethernet Devices
CVE-2026-23099

Currently unrated

Key Information:

Vendor

Linux
Status
Linux
Vendor
CVE Published:
4 February 2026

What is CVE-2026-23099?

A vulnerability within the Linux kernel's bonding driver has been identified, specifically affecting the BOND_MODE_8023AD configuration for Ethernet devices. This issue can lead to global out-of-bounds access due to misconfiguration and can be exploited by attackers, resulting in unexpected behavior or potential denial of service. The functionality of BOND_MODE_8023AD is intended solely for ARPHRD_ETHER interfaces, and the vulnerability has been addressed in recent kernel updates.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Linux 872254dd6b1f80cb95ee9e2e22980888533fc293 < 72925dbb0c8c7b16bf922e93c6cc03cbd8c955c4

Linux 872254dd6b1f80cb95ee9e2e22980888533fc293 < 5063b2cd9b27d35ab788d707d7858ded0acc8f1d

Linux 872254dd6b1f80cb95ee9e2e22980888533fc293 < 80c881e53a4fa0a80fa4bef7bc0ead0e8e88940d

References

https://git.kernel.org/stable/c/72925dbb0c8c7b16bf922e93c...
https://git.kernel.org/stable/c/5063b2cd9b27d35ab788d707d...
https://git.kernel.org/stable/c/80c881e53a4fa0a80fa4bef7b...

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.