CVE-2026-23175

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.19.0-rc7-next-20260130-yocto-standard+ #35

Description The Linux kernel contains a flaw within the cpsw network driver related to the handling of the ndo set rx mode callback. Specifically, the callback was being executed in a work queue without the necessary RTNL lock, leading to potential issues when interacting with VLAN configurations. The issue was triggered by a prior commit that removed the RTNL lock for IPv6 multicast operations. Attempts to directly re-introduce the RTNL lock were deemed impractical due to the callback being invoked in various contexts. The resolution involves executing the processing within a work queue, mirroring the approach used by the icssg-prueth driver. The issue was observed on a BeagleBone Black board and could manifest as an assertion failure within the vlan for each function.

Recommendations Update to Linux kernel version 6.19.0-rc7-next-20260130-yocto-standard+ #35 or a later version to address this issue.