CVE-2026-23103
- Source
- https://cve.org/CVERecord?id=CVE-2026-23103
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2026-23103.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2026-23103
- Downstream
- Published
- 2026-02-04T16:08:24.771Z
- Modified
- 2026-03-20T12:47:24.353738Z
- Summary
- ipvlan: Make the addrs_lock be per port
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
ipvlan: Make the addrs_lock be per port
Make the addrs_lock be per port, not per ipvlan dev.
Initial code seems to be written in the assumption, that any address change must occur under RTNL. But it is not so for the case of IPv6. So
1) Introduce per-port addrs_lock.
2) It was needed to fix places where it was forgotten to take lock (ipvlanopen/ipvlanclose)
This appears to be a very minor problem though. Since it's highly unlikely that ipvlanaddaddr() will be called on 2 CPU simultaneously. But nevertheless, this could cause:
1) False-negative of ipvlanaddrbusy(): one interface iterated through all port->ipvlans + ipvlan->addrs under some ipvlan spinlock, and another added IP under its own lock. Though this is only possible for IPv6, since looks like only ipvlanaddr6event() can be called without rtnl_lock.
2) Race since ipvlanhtaddradd(port) is called under different ipvlan->addrslock locks
This should not affect performance, since add/remove IP is a rare situation and spinlock is not taken on fast paths.
- Database specific
{ "cna_assigner": "Linux", "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/23xxx/CVE-2026-23103.json" }- References
-
- https://git.kernel.org/stable/c/04ba6de6eff61238e5397c14ac26a6578c7735a5
- https://git.kernel.org/stable/c/1f300c10d92c547c3a7d978e1212ff52f18256ed
- https://git.kernel.org/stable/c/3c149b662cbb202a450e81f938e702ba333864ad
- https://git.kernel.org/stable/c/6a81e2db096913d7e43aada1c350c1282e76db39
- https://git.kernel.org/stable/c/70feb16e3fbfb10b15de1396557c38e99f1ab8df
- https://git.kernel.org/stable/c/88f83e6c9cdb46b8c8ddd0ba01393362963cf589
- https://git.kernel.org/stable/c/d3ba32162488283c0a4c5bedd8817aec91748802
- https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/23xxx/CVE-2026-23103.json
- https://nvd.nist.gov/vuln/detail/CVE-2026-23103
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced8230819494b3bf284ca7262ac5f877333147b937Fixed3c149b662cbb202a450e81f938e702ba333864adFixed70feb16e3fbfb10b15de1396557c38e99f1ab8dfFixed88f83e6c9cdb46b8c8ddd0ba01393362963cf589Fixed04ba6de6eff61238e5397c14ac26a6578c7735a5Fixed1f300c10d92c547c3a7d978e1212ff52f18256edFixed6a81e2db096913d7e43aada1c350c1282e76db39Fixedd3ba32162488283c0a4c5bedd8817aec91748802
Linux / Kernel
Package
- Name
- Kernel
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced4.17.0Fixed5.10.249
- Type
- ECOSYSTEM
- Events
-
Introduced5.11.0Fixed5.15.199
- Type
- ECOSYSTEM
- Events
-
Introduced5.16.0Fixed6.1.162
- Type
- ECOSYSTEM
- Events
-
Introduced6.2.0Fixed6.6.122
- Type
- ECOSYSTEM
- Events
-
Introduced6.7.0Fixed6.12.68
- Type
- ECOSYSTEM
- Events
-
Introduced6.13.0Fixed6.18.8