CVE-2026-23245

In the Linux kernel, the following vulnerability has been resolved:

net/sched: act gate: snapshot parameters with RCU on replace

The gate action can be replaced while the hrtimer callback or dump path is walking the schedule list.

Convert the parameters to an RCU-protected snapshot and swap updates under tcf lock, freeing the previous snapshot via call rcu(). When REPLACE omits the entry list, preserve the existing schedule so the effective state is unchanged.