PT-2026-27724 · Linux · Linux Kernel

Published 2026-01-01 · Updated 2026-04-26 · CVE-2026-23359

CVSS v3.1: 7.8 High

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Linux kernel (affected versions not specified)

Description

The Linux kernel contains a flaw in the bpf subsystem, specifically in the devmap functionality. The get_upper_ifindexes() function iterates through upper devices and writes their indices into an array without proper bounds checking. This can lead to a stack out-of-bounds write if the number of upper devices exceeds MAX_NEST_DEV (8), potentially occurring when numerous macvlans are created on a device with an XDP program attached using BPF_F_BROADCAST and BPF_F_EXCLUDE_INGRESS. The issue is addressed by adding a maximum parameter to get_upper_ifindexes() to prevent the out-of-bounds write, returning -EOVERFLOW if the limit is exceeded.

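An added example, not the kernel's code or the patch: a user-space C model of the bounded index collection described above, showing the capacity check and the -EOVERFLOW return. `struct model_dev`, `model_get_upper_ifindexes()`, `model_demo()` and the `1 + MAX_NEST_DEV` caller array are assumptions made for illustration.

```c
#include <errno.h>
#include <stddef.h>
#include <stdio.h>
#define MAX_NEST_DEV 8 /* limit named in the advisory */

/* Hypothetical stand-in for a net device and its upper devices. */
struct model_dev {
    int ifindex;
    const struct model_dev *uppers; /* constructed array, not a kernel list */
    size_t n_uppers;
};

/* 'max' is the capacity of 'indexes'. Returns the count written, or
 * -EOVERFLOW when more upper devices exist than slots. Without the
 * 'n >= max' test the loop would write past the caller's stack array. */
static int model_get_upper_ifindexes(const struct model_dev *dev,
                                     int *indexes, int max)
{
    int n = 0;
    for (size_t i = 0; i < dev->n_uppers; i++) {
        if (n >= max)
            return -EOVERFLOW;
        indexes[n++] = dev->uppers[i].ifindex;
    }
    return n;
}

/* Constructed sample: device ifindex 1 with n_uppers uppers (ifindex 100+i).
 * Returns the number of collected indexes or a negative errno. */
int model_demo(size_t n_uppers)
{
    struct model_dev uppers[16] = {{0}};
    struct model_dev dev = { 1, uppers, n_uppers };
    int excluded[1 + MAX_NEST_DEV]; /* assumed caller layout: uppers + self */
    int n;
    if (n_uppers > 16)
        return -EINVAL;
    for (size_t i = 0; i < n_uppers; i++)
        uppers[i].ifindex = 100 + (int)i;
    n = model_get_upper_ifindexes(&dev, excluded, MAX_NEST_DEV);
    if (n < 0)
        return n; /* error propagated, nothing written out of bounds */
    excluded[n++] = dev.ifindex;
    return n;
}

int main(void)
{
    printf("8 uppers -> %d, 9 uppers -> %d\n", model_demo(8), model_demo(9));
    return 0;
}
```
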
Recommendations

At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Memory Corruption

Weakness Enumeration

Related Identifiers

CVE-2026-23359
ECHO-3046-0EAC-1185

Affected Products

Linux Kernel