Memory Corruption Flaw in Linux Kernel's Network Interface Card Stats Reporting
CVE-2026-23262

Currently unrated

Key Information:

Vendor

Linux
Status
Linux
Vendor
CVE Published:
18 March 2026

What is CVE-2026-23262?

A memory corruption vulnerability exists in the Linux kernel's handling of network interface card (NIC) statistics reporting. The gve driver and NIC share a memory region for stats reporting. When the number of queues is altered, the driver's stats region is resized. An increase in the queue count may lead the NIC to overwrite memory beyond this region, causing corruption. Conversely, a decrease creates a discrepancy that results in inaccurate stats reporting. This issue has been mitigated by allocating the stats region with a maximum size and adjusting the NIC's offset calculation accordingly.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Linux 24aeb56f2d38edf1b324bdb4f8bc6faf9f0f540c

Linux 24aeb56f2d38edf1b324bdb4f8bc6faf9f0f540c < 9d93332397405b62a3300b22d04ac65d990b91ff

Linux 24aeb56f2d38edf1b324bdb4f8bc6faf9f0f540c < 837c662f47dac43efa1aef2dd433c6b4b4c073af

References

https://git.kernel.org/stable/c/f432f7613c220db32c2c69424...
https://git.kernel.org/stable/c/9d93332397405b62a3300b22d...
https://git.kernel.org/stable/c/837c662f47dac43efa1aef2dd...

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.