{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-23165", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2026-01-13T15:37:45.981Z", "datePublished": "2026-02-14T16:01:29.336Z", "dateUpdated": "2026-05-11T22:01:34.933Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2026-05-11T22:01:34.933Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nsfc: fix deadlock in RSS config read\n\nSince cited commit, core locks the net_device's rss_lock when handling\n ethtool -x command, so driver's implementation should not lock it\n again. Remove the latter."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/net/ethernet/sfc/mcdi_filters.c"], "versions": [{"version": "040cef30b5e67271e3193e0206f82b206fc97095", "lessThan": "590c8179ffb01c17644181408821b55b8704c50c", "status": "affected", "versionType": "git"}, {"version": "040cef30b5e67271e3193e0206f82b206fc97095", "lessThan": "944c614b0a7afa5b87612c3fb557b95a50ad654c", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/net/ethernet/sfc/mcdi_filters.c"], "versions": [{"version": "6.17", "status": "affected"}, {"version": "0", "lessThan": "6.17", "status": "unaffected", "versionType": "semver"}, {"version": "6.18.9", "lessThanOrEqual": "6.18.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.19", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.17", "versionEndExcluding": "6.18.9"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.17", "versionEndExcluding": "6.19"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/590c8179ffb01c17644181408821b55b8704c50c"}, {"url": "https://git.kernel.org/stable/c/944c614b0a7afa5b87612c3fb557b95a50ad654c"}], "title": "sfc: fix deadlock in RSS config read", "x_generator": {"engine": "bippy-1.2.0"}}}}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "1A54A699-D04F-4433-B541-AEB7951FD812", "versionEndExcluding": "6.18.9", "versionStartIncluding": "6.17", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.19:rc1:*:*:*:*:*:*", "matchCriteriaId": "17B67AA7-40D6-4AFA-8459-F200F3D7CFD1", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.19:rc2:*:*:*:*:*:*", "matchCriteriaId": "C47E4CC9-C826-4FA9-B014-7FE3D9B318B2", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.19:rc3:*:*:*:*:*:*", "matchCriteriaId": "F71D92C0-C023-48BD-B3B6-70B638EEE298", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.19:rc4:*:*:*:*:*:*", "matchCriteriaId": "13580667-0A98-40CC-B29F-D12790B91BDB", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.19:rc5:*:*:*:*:*:*", "matchCriteriaId": "CAD1FED7-CF48-47BF-AC7D-7B6FA3C065FC", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.19:rc6:*:*:*:*:*:*", "matchCriteriaId": "3EF854A1-ABB1-4E93-BE9A-44569EC76C0D", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.19:rc7:*:*:*:*:*:*", "matchCriteriaId": "F5DC0CA6-F0AF-4DDF-A882-3DADB9A886A7", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nsfc: fix deadlock in RSS config read\n\nSince cited commit, core locks the net_device's rss_lock when handling\n ethtool -x command, so driver's implementation should not lock it\n again. Remove the latter."}, {"lang": "es", "value": "En el kernel de Linux, la siguiente vulnerabilidad ha sido resuelta:\n\nsfc: soluciona interbloqueo en la lectura de configuraci\u00f3n RSS\n\nDesde el commit citado, el n\u00facleo bloquea el rss_lock del net_device al manejar el comando ethtool -x, por lo que la implementaci\u00f3n del controlador no deber\u00eda bloquearlo de nuevo. Eliminar esto \u00faltimo."}], "id": "CVE-2026-23165", "lastModified": "2026-03-18T15:02:51.063", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2026-02-14T16:15:56.693", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/590c8179ffb01c17644181408821b55b8704c50c"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/944c614b0a7afa5b87612c3fb557b95a50ad654c"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-667"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"bugzilla": {"description": "kernel: sfc: fix deadlock in RSS config read", "id": "2439922", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2439922"}, "csaw": false, "cvss3": {"cvss3_base_score": "7.0", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "status": "draft"}, "details": ["No description is available for this CVE."], "name": "CVE-2026-23165", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Fix deferred", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2026-02-14T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2026-23165\nhttps://nvd.nist.gov/vuln/detail/CVE-2026-23165\nhttps://lore.kernel.org/linux-cve-announce/2026021419-CVE-2026-23165-3437@gregkh/T"], "statement": "This deadlock affects systems with Solarflare NICs when querying RSS settings via ethtool. Any local user with access to network configuration can trigger the hang. The fix is straightforward \u2014 remove the redundant lock acquisition in the driver.", "threat_severity": "Moderate"}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "[040cef30b5e67271e3193e0206f82b206fc97095,590c8179ffb01c17644181408821b55b8704c50c)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "[040cef30b5e67271e3193e0206f82b206fc97095,944c614b0a7afa5b87612c3fb557b95a50ad654c)"}}], "product": "linux_kernel", "vendor": "linux"}, {"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "6.17"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "semver", "value": "[0,6.17)"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "semver", "value": "[6.18.9,6.19.0)"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "generic", "value": "[6.19,*]"}}], "product": "linux_kernel", "vendor": "linux"}], "analysis": {"en": {"generated_at": "2026-04-18T18:02:32.688776+00:00", "value": {"mitigation_remediation": ["Upgrade the kernel to a version that contains the commit 590c8179ffb01c17644181408821b55b8704c50c and 944c614b0a7afa5b87612c3fb557b95a50ad654c applied, or backport the patch to the affected build.", "If an immediate kernel upgrade is not possible, rebuild the affected SFC driver module without the additional rss_lock acquisition introduced before the fix.", "Ensure the net_device use of rss_lock is consistent with the kernel core routine, and consider disabling or re\u2011configuring ethtool \u2011x usage for the affected interfaces until a patched kernel is available."], "summary": {"action": "Apply Patch", "impact": "Deadlock in RSS configuration read causing service unavailability"}, "threat_synthesis": {"affected_systems": "All Linux kernel builds that include the SFC driver prior to the patch, notably the 6.19 release candidates (rc1 through rc7) and any derivative kernels that use the same code path. No CVE\u2011specific version number is listed beyond the rc range, so any kernel compiled from sources before the provided commit may be vulnerable.", "description_and_impact": "The vulnerability manifests as a deadlock that occurs when the kernel handles the ethtool \u2011x command for the SFC (Solarflare) driver. During the configuration read the net_device rss_lock is held by the core routine, yet driver code attempts to lock it again. This double\u2011lock situation can cause the kernel to stall, potentially freezing network operations and impacting system availability. The weakness is identified as a deadlock (CWE\u2011667).", "risk_and_exploitability": "The CVSS score of 5.5 indicates a medium severity. The EPSS score is below 1%, suggesting a very low probability of exploitation in the wild. The vulnerability is not in the CISA KEV catalog, further implying limited current exploitation. Triggering the ethtool \u2011x command could induce the deadlock, resulting in service disruption rather than a traditional remote code execution. The risk remains moderate but is mitigated by the low exploitation likelihood."}}}}, "created": "2026-02-16T09:44:26.008384+00:00", "updated": "2026-04-18T18:15:06.570996+00:00", "vendors": ["linux", "linux$PRODUCT$linux_kernel"]}