{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-23420", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2026-01-13T15:37:46.014Z", "datePublished": "2026-04-03T13:24:29.681Z", "dateUpdated": "2026-05-11T22:06:33.758Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2026-05-11T22:06:33.758Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: wlcore: Fix a locking bug\n\nMake sure that wl->mutex is locked before it is unlocked. This has been\ndetected by the Clang thread-safety analyzer."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/net/wireless/ti/wlcore/main.c"], "versions": [{"version": "45aa7f071b06c8481afed4c7b93e07c9584741e8", "lessThan": "4ae8faf31b24c78653f4433298ee52813a56967a", "status": "affected", "versionType": "git"}, {"version": "45aa7f071b06c8481afed4c7b93e07c9584741e8", "lessThan": "fc404390a386404cf9822d4091ccae1f61efcbcd", "status": "affected", "versionType": "git"}, {"version": "45aa7f071b06c8481afed4c7b93e07c9584741e8", "lessThan": "7ab511003c5ae3bf5364d7699a2e3ab1db513680", "status": "affected", "versionType": "git"}, {"version": "45aa7f071b06c8481afed4c7b93e07c9584741e8", "lessThan": "aca4c9e4901b01b8b985993dc7df80bd1d1338bd", "status": "affected", "versionType": "git"}, {"version": "45aa7f071b06c8481afed4c7b93e07c9584741e8", "lessThan": "5feeea59ed142e15c3284d0b1a364c6786bf3487", "status": "affected", "versionType": "git"}, {"version": "45aa7f071b06c8481afed4c7b93e07c9584741e8", "lessThan": "fcef983ad88832f3aa83491a174c345de57afbbd", "status": "affected", "versionType": "git"}, {"version": "45aa7f071b06c8481afed4c7b93e07c9584741e8", "lessThan": "1a1c28a08d74716f3f8e3a21c86b30d0ff13521a", "status": "affected", "versionType": "git"}, {"version": "45aa7f071b06c8481afed4c7b93e07c9584741e8", "lessThan": "72c6df8f284b3a49812ce2ac136727ace70acc7c", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/net/wireless/ti/wlcore/main.c"], "versions": [{"version": "4.19", "status": "affected"}, {"version": "0", "lessThan": "4.19", "status": "unaffected", "versionType": "semver"}, {"version": "5.10.253", "lessThanOrEqual": "5.10.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.15.203", "lessThanOrEqual": "5.15.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.1.167", "lessThanOrEqual": "6.1.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.6.130", "lessThanOrEqual": "6.6.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.12.77", "lessThanOrEqual": "6.12.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.18.17", "lessThanOrEqual": "6.18.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.19.7", "lessThanOrEqual": "6.19.*", "status": "unaffected", "versionType": "semver"}, {"version": "7.0", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.19", "versionEndExcluding": "5.10.253"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.19", "versionEndExcluding": "5.15.203"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.19", "versionEndExcluding": "6.1.167"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.19", "versionEndExcluding": "6.6.130"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.19", "versionEndExcluding": "6.12.77"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.19", "versionEndExcluding": "6.18.17"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.19", "versionEndExcluding": "6.19.7"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.19", "versionEndExcluding": "7.0"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/4ae8faf31b24c78653f4433298ee52813a56967a"}, {"url": "https://git.kernel.org/stable/c/fc404390a386404cf9822d4091ccae1f61efcbcd"}, {"url": "https://git.kernel.org/stable/c/7ab511003c5ae3bf5364d7699a2e3ab1db513680"}, {"url": "https://git.kernel.org/stable/c/aca4c9e4901b01b8b985993dc7df80bd1d1338bd"}, {"url": "https://git.kernel.org/stable/c/5feeea59ed142e15c3284d0b1a364c6786bf3487"}, {"url": "https://git.kernel.org/stable/c/fcef983ad88832f3aa83491a174c345de57afbbd"}, {"url": "https://git.kernel.org/stable/c/1a1c28a08d74716f3f8e3a21c86b30d0ff13521a"}, {"url": "https://git.kernel.org/stable/c/72c6df8f284b3a49812ce2ac136727ace70acc7c"}], "title": "wifi: wlcore: Fix a locking bug", "x_generator": {"engine": "bippy-1.2.0"}}}}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "DCA68506-DA89-4BB0-BB51-9DE08D03AA32", "versionEndExcluding": "5.10.253", "versionStartIncluding": "4.19.1", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "20DDB3E9-AABF-4107-ADB0-5362AA067045", "versionEndExcluding": "5.15.203", "versionStartIncluding": "5.11", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "2EDC6BAF-B710-4E26-B6AA-D68922EE7B43", "versionEndExcluding": "6.1.167", "versionStartIncluding": "5.16", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "C57BB918-DF28-46B3-94F7-144176841267", "versionEndExcluding": "6.6.130", "versionStartIncluding": "6.2", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "B3D12E00-E42D-4056-B354-BAD4903C03A5", "versionEndExcluding": "6.12.77", "versionStartIncluding": "6.7", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "A5E006E4-59C7-43C1-9231-62A72219F2BA", "versionEndExcluding": "6.18.17", "versionStartIncluding": "6.13", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "69245D10-0B71-485E-80C3-A64F077004D3", "versionEndExcluding": "6.19.7", "versionStartIncluding": "6.19", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:4.19:-:*:*:*:*:*:*", "matchCriteriaId": "CFDAD450-8799-4C2D-80CE-2AA45DEC35CE", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:7.0:rc1:*:*:*:*:*:*", "matchCriteriaId": "F253B622-8837-4245-BCE5-A7BF8FC76A16", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:7.0:rc2:*:*:*:*:*:*", "matchCriteriaId": "4AE85AD8-4641-4E7C-A2F4-305E2CD9EE64", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:7.0:rc3:*:*:*:*:*:*", "matchCriteriaId": "F666C8D8-6538-46D4-B318-87610DE64C34", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:7.0:rc4:*:*:*:*:*:*", "matchCriteriaId": "02259FDA-961B-47BC-AE7F-93D7EC6E90C2", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:7.0:rc5:*:*:*:*:*:*", "matchCriteriaId": "58A9FEFF-C040-420D-8F0A-BFDAAA1DF258", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:7.0:rc6:*:*:*:*:*:*", "matchCriteriaId": "1D2315C0-D46F-4F85-9754-F9E5E11374A6", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:7.0:rc7:*:*:*:*:*:*", "matchCriteriaId": "512EE3A8-A590-4501-9A94-5D4B268D6138", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: wlcore: Fix a locking bug\n\nMake sure that wl->mutex is locked before it is unlocked. This has been\ndetected by the Clang thread-safety analyzer."}], "id": "CVE-2026-23420", "lastModified": "2026-04-24T15:21:23.107", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2026-04-03T14:16:28.027", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/1a1c28a08d74716f3f8e3a21c86b30d0ff13521a"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/4ae8faf31b24c78653f4433298ee52813a56967a"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/5feeea59ed142e15c3284d0b1a364c6786bf3487"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/72c6df8f284b3a49812ce2ac136727ace70acc7c"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/7ab511003c5ae3bf5364d7699a2e3ab1db513680"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/aca4c9e4901b01b8b985993dc7df80bd1d1338bd"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/fc404390a386404cf9822d4091ccae1f61efcbcd"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/fcef983ad88832f3aa83491a174c345de57afbbd"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-667"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"bugzilla": {"description": "kernel: wifi: wlcore: Fix a locking bug", "id": "2454770", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2454770"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.5", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "status": "draft"}, "cwe": "CWE-832", "details": ["A flaw was found in the Linux kernel's wlcore Wi-Fi driver. This vulnerability involves an improper handling of a locking mechanism, specifically the `wl->mutex`. This can lead to system instability or unexpected behavior. The issue was identified by a thread-safety analyzer."], "name": "CVE-2026-23420", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2026-04-03T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2026-23420\nhttps://nvd.nist.gov/vuln/detail/CVE-2026-23420\nhttps://lore.kernel.org/linux-cve-announce/2026040303-CVE-2026-23420-c110@gregkh/T"], "threat_severity": "Moderate"}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "[45aa7f071b06c8481afed4c7b93e07c9584741e8,7ab511003c5ae3bf5364d7699a2e3ab1db513680)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "[45aa7f071b06c8481afed4c7b93e07c9584741e8,aca4c9e4901b01b8b985993dc7df80bd1d1338bd)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "[45aa7f071b06c8481afed4c7b93e07c9584741e8,5feeea59ed142e15c3284d0b1a364c6786bf3487)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "[45aa7f071b06c8481afed4c7b93e07c9584741e8,fcef983ad88832f3aa83491a174c345de57afbbd)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "[45aa7f071b06c8481afed4c7b93e07c9584741e8,1a1c28a08d74716f3f8e3a21c86b30d0ff13521a)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "[45aa7f071b06c8481afed4c7b93e07c9584741e8,72c6df8f284b3a49812ce2ac136727ace70acc7c)"}}], "enrichment": {"confidence": 99.0, "confidence_source": "inferred", "scores": [{"score": 99.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "original": {"product": "Linux", "source": "cna", "vendor": "Linux"}, "product": "linux_kernel", "vendor": "linux"}, {"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "4.19"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "generic", "value": "[0,4.19)"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "generic", "value": "[6.1.167,6.1.*]"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "generic", "value": "[6.6.130,6.6.*]"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "generic", "value": "[6.12.77,6.12.*]"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "generic", "value": "[6.18.17,6.18.*]"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "generic", "value": "[7.0-rc3,*]"}}], "enrichment": {"confidence": 99.0, "confidence_source": "inferred", "scores": [{"score": 99.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "original": {"product": "Linux", "source": "cna", "vendor": "Linux"}, "product": "linux_kernel", "vendor": "linux"}], "analysis": {"en": {"generated_at": "2026-04-29T00:36:50.123721+00:00", "value": {"mitigation_remediation": ["Apply a Linux kernel update that contains the wlcore locking bug fix", "If an update is not yet available, disable Wi\u2011Fi operations or unload the wlcore driver to keep the vulnerable code from executing", "Monitor system logs for kernel instability events that may indicate driver\u2011related issues"], "summary": {"action": "Apply patch", "impact": "Kernel instability potential"}, "threat_synthesis": {"affected_systems": "The issue is present in any Linux kernel that incorporates the wlcore driver before the applied fix. Associated CPE entries cover Linux kernel 4.19 and the 7.0 series release candidates from rc1 through rc7, meaning that distributions shipping those kernels\u2014or derivatives that include them\u2014could be vulnerable. No specific vendor product name beyond the generic Linux\u00a0Kernel is available.", "description_and_impact": "A locking bug was discovered in the wlcore wireless driver of the Linux kernel. The code attempted to release wl->mutex without first acquiring it, a defect detected by the Clang thread\u2011safety analyzer. The weakness relates to improper lock acquisition/release (CWE-667) and mutable data access without proper control (CWE-832). Due to the absent lock, concurrent accesses could manifest as race conditions, potentially leading to undefined kernel\u2010level behavior.", "risk_and_exploitability": "The CVSS score of 5.5 indicates a medium severity. An EPSS score of less than 1% signals a low likelihood of exploitation, and the vulnerability is not listed in CISA\u2019s KEV catalog. Based on the description, it is inferred that an attacker would need to influence the wlcore driver\u2019s operation\u2014likely through crafted Wi\u2011Fi traffic or other local interactions\u2014to trigger the race condition. No active exploits are publicly documented, and the provided patch resolves the locking defect."}}}}, "created": "2026-04-03T21:14:18.562120+00:00", "updated": "2026-04-29T00:45:26.158490+00:00", "vendors": ["linux", "linux$PRODUCT$linux_kernel"]}