CVE-2026-23054

RSS configuration requires a valid RX indirection table. When the device reports a single receive queue, rndisfilterdevice_add() does not allocate an indirection table, accepting RSS hash key updates in this state leads to a hang.

Fix this by gating netvscsetrxfh() on ndc->rxtablesz and return -EOPNOTSUPP when the table is absent. This aligns set_rxfh with the device capabilities and prevents incorrect behavior.

Database specific

{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/23xxx/CVE-2026-23054.json",
    "cna_assigner": "Linux"
}

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

962f3fee83a4ef9010ae84dc43ae7aecb572e2a9

Fixed

8288136f508e78eb3563e7073975999cf225a2f9

Fixed

82c9039c8ebb715753a40434df714f865a3aec9c

Fixed

4cd55c609e85ae2313248ef1a33619a3eef44a16

Fixed

11dd9a9ef4dc4507a15a69b8511a0013c6c28fa3

Fixed

d23564955811da493f34412d7de60fa268c8cb50

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2026-23054.json"

Linux / Kernel

Package

Name: Kernel

Affected ranges

Type: ECOSYSTEM
Events: Introduced

4.11.0

Fixed

6.1.162

Type: ECOSYSTEM
Events: Introduced

6.2.0

Fixed

6.6.122

Type: ECOSYSTEM
Events: Introduced

6.7.0

Fixed

6.12.67

Type: ECOSYSTEM
Events: Introduced

6.13.0

Fixed

6.18.7

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2026-23054.json"