Vulnerabilities

CVE-2026-23083

by Fred · 04/02/2026

In the Linux kernel, the following vulnerability has been resolved:

fou: Don’t allow 0 for FOU_ATTR_IPPROTO.

fou_udp_recv() has the same problem mentioned in the previous
patch.

If FOU_ATTR_IPPROTO is set to 0, skb is not freed by
fou_udp_recv() nor “resubmit”-ted in ip_protocol_deliver_rcu().

Let’s forbid 0 for FOU_ATTR_IPPROTO.

More information : https://git.kernel.org/stable/c/1cc98b8887cabb1808d2f4a37cd10a7be7574771

Similar

Tags: Cybersecurity Alert