{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-23284", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2026-01-13T15:37:45.992Z", "datePublished": "2026-03-25T10:26:44.036Z", "dateUpdated": "2026-05-11T22:03:53.661Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2026-05-11T22:03:53.661Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ethernet: mtk_eth_soc: Reset prog ptr to old_prog in case of error in mtk_xdp_setup()\n\nReset eBPF program pointer to old_prog and do not decrease its ref-count\nif mtk_open routine in mtk_xdp_setup() fails."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/net/ethernet/mediatek/mtk_eth_soc.c"], "versions": [{"version": "7c26c20da5d420cde55618263be4aa2f6de53056", "lessThan": "8c2d76a9658a4dbfcf02f2693a97e2d5ff42197a", "status": "affected", "versionType": "git"}, {"version": "7c26c20da5d420cde55618263be4aa2f6de53056", "lessThan": "29629dd7d37349e9fb605375a75de44ac8926ea9", "status": "affected", "versionType": "git"}, {"version": "7c26c20da5d420cde55618263be4aa2f6de53056", "lessThan": "b73dfe1ea7be7a072482434643b517d7726f4c8d", "status": "affected", "versionType": "git"}, {"version": "7c26c20da5d420cde55618263be4aa2f6de53056", "lessThan": "6f95b59520278a72df9905db791b7ea31375fbc1", "status": "affected", "versionType": "git"}, {"version": "7c26c20da5d420cde55618263be4aa2f6de53056", "lessThan": "ff14cd44c85c20ad69479db73698185de291550c", "status": "affected", "versionType": "git"}, {"version": "7c26c20da5d420cde55618263be4aa2f6de53056", "lessThan": "0abc73c8a40fd64ac1739c90bb4f42c418d27a5e", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/net/ethernet/mediatek/mtk_eth_soc.c"], "versions": [{"version": "6.0", "status": "affected"}, {"version": "0", "lessThan": "6.0", "status": "unaffected", "versionType": "semver"}, {"version": "6.1.167", "lessThanOrEqual": "6.1.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.6.130", "lessThanOrEqual": "6.6.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.12.77", "lessThanOrEqual": "6.12.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.18.17", "lessThanOrEqual": "6.18.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.19.7", "lessThanOrEqual": "6.19.*", "status": "unaffected", "versionType": "semver"}, {"version": "7.0", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.0", "versionEndExcluding": "6.1.167"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.0", "versionEndExcluding": "6.6.130"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.0", "versionEndExcluding": "6.12.77"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.0", "versionEndExcluding": "6.18.17"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.0", "versionEndExcluding": "6.19.7"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.0", "versionEndExcluding": "7.0"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/8c2d76a9658a4dbfcf02f2693a97e2d5ff42197a"}, {"url": "https://git.kernel.org/stable/c/29629dd7d37349e9fb605375a75de44ac8926ea9"}, {"url": "https://git.kernel.org/stable/c/b73dfe1ea7be7a072482434643b517d7726f4c8d"}, {"url": "https://git.kernel.org/stable/c/6f95b59520278a72df9905db791b7ea31375fbc1"}, {"url": "https://git.kernel.org/stable/c/ff14cd44c85c20ad69479db73698185de291550c"}, {"url": "https://git.kernel.org/stable/c/0abc73c8a40fd64ac1739c90bb4f42c418d27a5e"}], "title": "net: ethernet: mtk_eth_soc: Reset prog ptr to old_prog in case of error in mtk_xdp_setup()", "x_generator": {"engine": "bippy-1.2.0"}}}}

{}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ethernet: mtk_eth_soc: Reset prog ptr to old_prog in case of error in mtk_xdp_setup()\n\nReset eBPF program pointer to old_prog and do not decrease its ref-count\nif mtk_open routine in mtk_xdp_setup() fails."}], "id": "CVE-2026-23284", "lastModified": "2026-03-25T15:41:33.977", "metrics": {}, "published": "2026-03-25T11:16:23.080", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/0abc73c8a40fd64ac1739c90bb4f42c418d27a5e"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/29629dd7d37349e9fb605375a75de44ac8926ea9"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/6f95b59520278a72df9905db791b7ea31375fbc1"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/8c2d76a9658a4dbfcf02f2693a97e2d5ff42197a"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/b73dfe1ea7be7a072482434643b517d7726f4c8d"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/ff14cd44c85c20ad69479db73698185de291550c"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Awaiting Analysis"}

{"bugzilla": {"description": "kernel: net: ethernet: mtk_eth_soc: Reset prog ptr to old_prog in case of error in mtk_xdp_setup()", "id": "2451176", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2451176"}, "csaw": false, "cwe": "CWE-911", "details": ["A flaw was found in the Linux kernel's mtk_eth_soc driver. This vulnerability occurs when an error in the `mtk_open` routine within `mtk_xdp_setup()` leads to an incorrect reset of the eBPF (Extended Berkeley Packet Filter) program pointer without properly decreasing its reference count. This improper resource handling could potentially result in system instability or a denial of service (DoS)."], "name": "CVE-2026-23284", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2026-03-25T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2026-23284\nhttps://nvd.nist.gov/vuln/detail/CVE-2026-23284\nhttps://lore.kernel.org/linux-cve-announce/2026032523-CVE-2026-23284-ca53@gregkh/T"]}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "[7c26c20da5d420cde55618263be4aa2f6de53056,8c2d76a9658a4dbfcf02f2693a97e2d5ff42197a)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "[7c26c20da5d420cde55618263be4aa2f6de53056,29629dd7d37349e9fb605375a75de44ac8926ea9)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "[7c26c20da5d420cde55618263be4aa2f6de53056,b73dfe1ea7be7a072482434643b517d7726f4c8d)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "[7c26c20da5d420cde55618263be4aa2f6de53056,6f95b59520278a72df9905db791b7ea31375fbc1)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "[7c26c20da5d420cde55618263be4aa2f6de53056,ff14cd44c85c20ad69479db73698185de291550c)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "[7c26c20da5d420cde55618263be4aa2f6de53056,0abc73c8a40fd64ac1739c90bb4f42c418d27a5e)"}}], "enrichment": {"confidence": 99.0, "confidence_source": "inferred", "scores": [{"score": 99.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "original": {"product": "Linux", "source": "cna", "vendor": "Linux"}, "product": "linux_kernel", "vendor": "linux"}, {"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "6.0"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "generic", "value": "[0,6.0)"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "semver", "value": "[6.1.167,6.2.0)"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "semver", "value": "[6.6.130,6.7.0)"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "semver", "value": "[6.12.77,6.13.0)"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "semver", "value": "[6.18.17,6.19.0)"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "semver", "value": "[6.19.7,6.20.0)"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "generic", "value": "[7.0-rc3,*]"}}], "enrichment": {"confidence": 99.0, "confidence_source": "inferred", "scores": [{"score": 99.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "original": {"product": "Linux", "source": "cna", "vendor": "Linux"}, "product": "linux_kernel", "vendor": "linux"}], "analysis": {"en": {"generated_at": "2026-03-26T16:15:48.017124+00:00", "value": {"mitigation_remediation": ["Upgrade the kernel to a version that includes the mtk_eth_soc driver patch for CVE-2026-23284.", "Verify that the running kernel matches the patched commit hash referenced in the vendor update notes.", "If an upgrade is not immediately possible, disable XDP program usage on MediaTek Ethernet interfaces to prevent triggering the error path.", "Monitor kernel logs for mtk_xdp_setup errors and watch for abnormal kernel memory growth.", "If kernel memory usage climbs, consider restarting affected services or performing a system reboot to clear leaked references."], "summary": {"action": "Patch", "impact": "Resource Exhaustion"}, "threat_synthesis": {"affected_systems": "The issue affects Linux kernel builds that include the MediaTek Ethernet driver (mtk_eth_soc) and support XDP eBPF program loading. All distributions shipping an unmodified driver before the patch commit are vulnerable; no specific kernel versions are listed, and version details from the CNA are absent.", "description_and_impact": "A flaw in the MediaTek Ethernet driver\u2019s XDP setup routine causes the pointer to an eBPF program to be reset to its previous value when mtk_open fails, but the reference count of the old program is not decreased. This results in a kernel memory leak that can grow over time and lead to out\u2011of\u2011memory conditions or instability. The vulnerability does not grant arbitrary code execution or data exfiltration, but it can impact confidentiality, integrity, or availability through resource exhaustion.", "risk_and_exploitability": "The EPSS score is below 1% and the vulnerability is not listed in the CISA KEV catalog, indicating a low likelihood of exploitation. Attackers would need the ability to load XDP programs onto a MediaTek Ethernet interface, which typically requires privileged (root) access or capabilities such as CAP_NET_ADMIN. Given the lack of an elevated CVSS score, the risk is considered low to moderate, mainly limited to memory exhaustion that could be mitigated by disabling the affected driver or XDP programs."}}}}, "created": "2026-03-25T21:15:46.331136+00:00", "updated": "2026-03-27T09:50:19.482611+00:00", "vendors": ["linux", "linux$PRODUCT$linux_kernel"]}