IPvlan Address Management Issue in Linux Kernel
CVE-2026-23103

Currently unrated

Key Information:

Vendor

Linux
Status
Linux
Vendor
CVE Published:
4 February 2026

What is CVE-2026-23103?

A vulnerability in the Linux kernel's IPvlan module relates to the handling of address locks, which are not properly managed per port leading to potential race conditions. The initial design assumes address changes occur under the RTNL (Routing Netlink) lock; however, for IPv6, this assumption fails, resulting in possible false negatives and race conditions when managing IP addresses. This vulnerability is observed in the ipvlan_addr_busy() function, where simultaneous address modifications may be executed without proper lock synchronization, particularly affecting IPv6 address events. While the problem appears minor in frequency and performance impact, it necessitates careful management of locks to prevent inconsistent state and potential network disruptions.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Linux 8230819494b3bf284ca7262ac5f877333147b937 < 3c149b662cbb202a450e81f938e702ba333864ad

Linux 8230819494b3bf284ca7262ac5f877333147b937 < 70feb16e3fbfb10b15de1396557c38e99f1ab8df

Linux 8230819494b3bf284ca7262ac5f877333147b937 < 88f83e6c9cdb46b8c8ddd0ba01393362963cf589

References

https://git.kernel.org/stable/c/3c149b662cbb202a450e81f93...
https://git.kernel.org/stable/c/70feb16e3fbfb10b15de13965...
https://git.kernel.org/stable/c/88f83e6c9cdb46b8c8ddd0ba0...

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.