CVE-2026-23451

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The Linux kernel contained a flaw in the bond header parse() function. This function could enter an infinite loop when processing a stack of two bonding devices because skb->dev always pointed to the top of the hierarchy. A new parameter, dev, was added to the (struct header ops)->parse() method to bound recursion and ensure the leaf parse method is called.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.