PT-2026-30142 · Linux · Linux Kernel

Published 2026-04-03 · Updated 2026-05-03 · CVE-2026-23447

CVSS v3.1: 7.8 High

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Linux kernel (affected versions not specified)

Description

A bounds-check issue exists in the `cdc_ncm_rx_verify_ndp32()` function within the Linux kernel's networking subsystem for USB Network (`cdc_ncm`). The issue arises from a failure to account for `ndpoffset` when validating the DPE array size against the total skb length, potentially leading to out-of-bounds reads when the NDP32 is positioned near the end of the NTB. The fix involves adding `ndpoffset` to the `nframes` bounds check and using `struct_size_t()` to clarify the NDP-plus-DPE-array size.
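
The flawed and corrected forms of the bounds check described above, as a simplified user-space model (an added example, not the kernel's code). The 16-byte NDP32 header and 8-byte DPE32 entry sizes are taken from the NCM layout as assumptions; the function names and the sample NTB values are constructed for illustration.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Assumed sizes from the NCM NDP32 layout; all names here are hypothetical. */
#define NDP32_HDR_LEN 16u /* fixed NDP32 header */
#define DPE32_LEN 8u      /* one 32-bit datagram pointer entry */

/* DPE entries declared by the NDP's wLength field (0 if too short). */
static size_t dpe_count(uint16_t wlength)
{
    if (wlength < NDP32_HDR_LEN + DPE32_LEN)
        return 0;
    return (wlength - NDP32_HDR_LEN) / DPE32_LEN;
}

/* Flawed form: sizes the NDP plus DPE array as if it began at offset 0. */
static bool ndp_fits_flawed(size_t buf_len, size_t ndpoffset, uint16_t wlength)
{
    size_t n = dpe_count(wlength);
    (void)ndpoffset; /* the position of the NDP is never considered */
    return n != 0 && NDP32_HDR_LEN + n * DPE32_LEN <= buf_len;
}

/* Corrected form: includes ndpoffset, arranged so the sum cannot wrap. */
static bool ndp_fits_fixed(size_t buf_len, size_t ndpoffset, uint16_t wlength)
{
    size_t n = dpe_count(wlength);
    size_t need = NDP32_HDR_LEN + n * DPE32_LEN; /* never exceeds wlength */
    return n != 0 && ndpoffset <= buf_len && need <= buf_len - ndpoffset;
}

/* Bytes past the end of the buffer that walking the DPE array would touch. */
static size_t overread_bytes(size_t buf_len, size_t ndpoffset, uint16_t wlength)
{
    size_t end = ndpoffset + NDP32_HDR_LEN + dpe_count(wlength) * DPE32_LEN;
    return end > buf_len ? end - buf_len : 0;
}

int main(void)
{
    /* Constructed case: 512-byte NTB, NDP32 at offset 480 declaring 4 DPEs. */
    printf("flawed=%d fixed=%d overread=%zu\n",
           ndp_fits_flawed(512, 480, 48), ndp_fits_fixed(512, 480, 48),
           overread_bytes(512, 480, 48));
    return 0;
}
```

In the constructed case the flawed form accepts an NDP whose DPE array extends 16 bytes past the buffer, while the corrected form rejects it.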

Recommendations

At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Weakness Enumeration

Improper Validation of Array Index

Related Identifiers

CVE-2026-23447
ECHO-B1E1-3445-E2BF
OESA-2026-2172
OESA-2026-2173
OESA-2026-2176

Affected Products

Linux Kernel