CVE-2026-23274

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The Linux kernel contains an issue within the netfilter module, specifically in the xt IDLETIMER component. The problem arises from the reuse of ALARM timer labels by IDLETIMER revision 0 rules, which call mod timer() on an uninitialized timer list (timer->timer) if the label was initially created by revision 1 with XT IDLETIMER ALARM. This can lead to debugobjects warnings and potentially a system panic when panic on warn=1. The issue is addressed by preventing the insertion of revision 0 rules when an existing timer with the same label is of the ALARM type.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2026-23274

ECHO-2F00-B538-7352

OESA-2026-1862

OESA-2026-1863

OESA-2026-1864

OPENSUSE-SU-2026:20572-1

SUSE-SU-2026:1342-1

SUSE-SU-2026:1557-1

SUSE-SU-2026:1563-1

SUSE-SU-2026:1573-1

SUSE-SU-2026:1574-1

SUSE-SU-2026:1575-1

SUSE-SU-2026:1606-1

SUSE-SU-2026:1643-1

SUSE-SU-2026:1661-1

SUSE-SU-2026:21114-1

SUSE-SU-2026:21123-1

SUSE-SU-2026:21237-1

SUSE-SU-2026:21255-1

SUSE-SU-2026:21352-1

SUSE-SU-2026:21361-1

USN-8277-1

USN-8277-2

USN-8278-1

USN-8279-1

USN-8279-2

USN-8289-1

USN-8291-1

USN-8291-2

USN-8296-1

Affected Products

Linux Kernel

Ubuntu

Netfilter

Xt Idletimer

CVE-2026-23274

Related Identifiers

Affected Products

References · 510