CVE-2026-23209

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The Linux kernel contains a flaw within the macvlan component, specifically in the macvlan common newlink() function. A use-after-free condition can occur when creating a new macvlan link with MACVLAN MODE SOURCE mode and MACVLAN MACADDR ADD or MACVLAN MACADDR SET parameters, if the lower device already has a macvlan port and register netdevice() fails. This failure leads to a call to free netdev(), which frees the struct net device while it is still referenced in a source entry attached to the lower device's macvlan port. Subsequently, packets sent on the macvlan port with a matching source MAC address can trigger the use-after-free in macvlan forward source(). The issue was identified through a reproduction scenario involving the creation of veth pairs and macvlan interfaces, and a detailed analysis provided by valis.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.