PT-2026-6136 · Linux · Linux Kernel
Published 2026-01-01 · Updated 2026-06-02 · CVE-2026-23066
CVSS v3.1 7.8 High
Vector AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)
Description The Linux kernel contains a flaw in the rxrpc subsystem's handling of recvmsg() calls. Specifically, an unconditional requeue of a call can occur if MSG_DONTWAIT is specified and the mutex of the call at the front of the recvmsg queue is already locked. This can corrupt the recvmsg queue, potentially resulting in use-after-free (UAF) conditions or refcount underruns. The issue arises from requeuing calls that are already present in the queue and from inappropriately calling rxrpc_notify_socket() when MSG_PEEK is used without dequeuing the call.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Uncontrolled Recursion

Weakness Enumeration

Related Identifiers

AZL-77250
CVE-2026-23066
ECHO-8037-DF07-6304
OPENSUSE-SU-2026:20416-1
RHSA-2026:10108
RHSA-2026:9095
RHSA-2026:9112
RHSA-2026:9512
RHSA-2026:9644
SUSE-SU-2026:20838-1
SUSE-SU-2026:20931-1
SUSE-SU-2026:21284-1

Affected Products

Linux Kernel