CVE-2026-23262

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A flaw exists in the Linux kernel where a shared memory region for statistics reporting between the driver and the Network Interface Card (NIC) is susceptible to corruption. The NIC calculates its offset within this region based on the total size of the statistics region and the size of the NIC’s statistics. When the number of queues is modified, the driver resizes the statistics region. An increase in queue count can lead to the NIC writing beyond the allocated memory region, resulting in memory corruption. Conversely, a decrease in queue count creates a gap between the driver and NIC statistics, causing inaccurate reporting. The issue is addressed by allocating the statistics region with the maximum possible size and adjusting the offset calculation for NIC statistics to align with the NIC’s calculation method.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.