CVE-2026-23436

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The Linux kernel contained a flaw where a network device could be unregistered between the time a reference was taken and the time it was locked, potentially leading to a memory leak during Netlink operation preparation. This occurred due to the potential for hierarchy allocation after a flush operation had already run. The issue was addressed by taking the instance lock during the pre-callback phase, eliminating the race condition and the need for dedicated lock/unlock callbacks.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.