{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-23284", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2026-01-13T15:37:45.992Z", "datePublished": "2026-03-25T10:26:44.036Z", "dateUpdated": "2026-03-25T10:26:44.036Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2026-03-25T10:26:44.036Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ethernet: mtk_eth_soc: Reset prog ptr to old_prog in case of error in mtk_xdp_setup()\n\nReset eBPF program pointer to old_prog and do not decrease its ref-count\nif mtk_open routine in mtk_xdp_setup() fails."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/net/ethernet/mediatek/mtk_eth_soc.c"], "versions": [{"version": "7c26c20da5d420cde55618263be4aa2f6de53056", "lessThan": "8c2d76a9658a4dbfcf02f2693a97e2d5ff42197a", "status": "affected", "versionType": "git"}, {"version": "7c26c20da5d420cde55618263be4aa2f6de53056", "lessThan": "29629dd7d37349e9fb605375a75de44ac8926ea9", "status": "affected", "versionType": "git"}, {"version": "7c26c20da5d420cde55618263be4aa2f6de53056", "lessThan": "b73dfe1ea7be7a072482434643b517d7726f4c8d", "status": "affected", "versionType": "git"}, {"version": "7c26c20da5d420cde55618263be4aa2f6de53056", "lessThan": "6f95b59520278a72df9905db791b7ea31375fbc1", "status": "affected", "versionType": "git"}, {"version": "7c26c20da5d420cde55618263be4aa2f6de53056", "lessThan": "ff14cd44c85c20ad69479db73698185de291550c", "status": "affected", "versionType": "git"}, {"version": "7c26c20da5d420cde55618263be4aa2f6de53056", "lessThan": "0abc73c8a40fd64ac1739c90bb4f42c418d27a5e", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/net/ethernet/mediatek/mtk_eth_soc.c"], "versions": [{"version": "6.0", "status": "affected"}, {"version": "0", "lessThan": "6.0", "status": "unaffected", "versionType": "semver"}, {"version": "6.1.167", "lessThanOrEqual": "6.1.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.6.130", "lessThanOrEqual": "6.6.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.12.77", "lessThanOrEqual": "6.12.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.18.17", "lessThanOrEqual": "6.18.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.19.7", "lessThanOrEqual": "6.19.*", "status": "unaffected", "versionType": "semver"}, {"version": "7.0-rc3", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.0", "versionEndExcluding": "6.1.167"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.0", "versionEndExcluding": "6.6.130"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.0", "versionEndExcluding": "6.12.77"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.0", "versionEndExcluding": "6.18.17"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.0", "versionEndExcluding": "6.19.7"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.0", "versionEndExcluding": "7.0-rc3"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/8c2d76a9658a4dbfcf02f2693a97e2d5ff42197a"}, {"url": "https://git.kernel.org/stable/c/29629dd7d37349e9fb605375a75de44ac8926ea9"}, {"url": "https://git.kernel.org/stable/c/b73dfe1ea7be7a072482434643b517d7726f4c8d"}, {"url": "https://git.kernel.org/stable/c/6f95b59520278a72df9905db791b7ea31375fbc1"}, {"url": "https://git.kernel.org/stable/c/ff14cd44c85c20ad69479db73698185de291550c"}, {"url": "https://git.kernel.org/stable/c/0abc73c8a40fd64ac1739c90bb4f42c418d27a5e"}], "title": "net: ethernet: mtk_eth_soc: Reset prog ptr to old_prog in case of error in mtk_xdp_setup()", "x_generator": {"engine": "bippy-1.2.0"}}}}

{}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ethernet: mtk_eth_soc: Reset prog ptr to old_prog in case of error in mtk_xdp_setup()\n\nReset eBPF program pointer to old_prog and do not decrease its ref-count\nif mtk_open routine in mtk_xdp_setup() fails."}], "id": "CVE-2026-23284", "lastModified": "2026-03-25T15:41:33.977", "metrics": {}, "published": "2026-03-25T11:16:23.080", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/0abc73c8a40fd64ac1739c90bb4f42c418d27a5e"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/29629dd7d37349e9fb605375a75de44ac8926ea9"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/6f95b59520278a72df9905db791b7ea31375fbc1"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/8c2d76a9658a4dbfcf02f2693a97e2d5ff42197a"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/b73dfe1ea7be7a072482434643b517d7726f4c8d"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/ff14cd44c85c20ad69479db73698185de291550c"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Awaiting Analysis"}

{"bugzilla": {"description": "kernel: net: ethernet: mtk_eth_soc: Reset prog ptr to old_prog in case of error in mtk_xdp_setup()", "id": "2451176", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2451176"}, "csaw": false, "cwe": "CWE-911", "details": ["A flaw was found in the Linux kernel's mtk_eth_soc driver. This vulnerability occurs when an error in the `mtk_open` routine within `mtk_xdp_setup()` leads to an incorrect reset of the eBPF (Extended Berkeley Packet Filter) program pointer without properly decreasing its reference count. This improper resource handling could potentially result in system instability or a denial of service (DoS)."], "name": "CVE-2026-23284", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2026-03-25T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2026-23284\nhttps://nvd.nist.gov/vuln/detail/CVE-2026-23284\nhttps://lore.kernel.org/linux-cve-announce/2026032523-CVE-2026-23284-ca53@gregkh/T"]}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "[7c26c20da5d420cde55618263be4aa2f6de53056,8c2d76a9658a4dbfcf02f2693a97e2d5ff42197a)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "[7c26c20da5d420cde55618263be4aa2f6de53056,29629dd7d37349e9fb605375a75de44ac8926ea9)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "[7c26c20da5d420cde55618263be4aa2f6de53056,b73dfe1ea7be7a072482434643b517d7726f4c8d)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "[7c26c20da5d420cde55618263be4aa2f6de53056,6f95b59520278a72df9905db791b7ea31375fbc1)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "[7c26c20da5d420cde55618263be4aa2f6de53056,ff14cd44c85c20ad69479db73698185de291550c)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "[7c26c20da5d420cde55618263be4aa2f6de53056,0abc73c8a40fd64ac1739c90bb4f42c418d27a5e)"}}], "enrichment": {"confidence": 99.0, "confidence_source": "inferred", "scores": [{"score": 99.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "original": {"product": "Linux", "source": "cna", "vendor": "Linux"}, "product": "linux_kernel", "vendor": "linux"}, {"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "6.0"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "generic", "value": "[0,6.0)"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "semver", "value": "[6.1.167,6.2.0)"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "semver", "value": "[6.6.130,6.7.0)"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "semver", "value": "[6.12.77,6.13.0)"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "semver", "value": "[6.18.17,6.19.0)"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "semver", "value": "[6.19.7,6.20.0)"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "generic", "value": "[7.0-rc3,*]"}}], "enrichment": {"confidence": 99.0, "confidence_source": "inferred", "scores": [{"score": 99.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "original": {"product": "Linux", "source": "cna", "vendor": "Linux"}, "product": "linux_kernel", "vendor": "linux"}], "analysis": {"en": {"generated_at": "2026-03-26T03:55:12.865869+00:00", "value": {"mitigation_remediation": ["Update to a Linux kernel version that contains the fix for CVE-2026-23284", "If an upgrade is not yet possible, disable XDP/eBPF support on the affected MediaTek network interface to avoid the fault path", "Restrict privileges so that only trusted users or systems can load XDP programs, for example by using SELinux or AppArmor"], "summary": {"action": "Patch Now", "impact": "Denial of Service"}, "threat_synthesis": {"affected_systems": "The issue affects Linux kernel builds that include the mtk_eth_soc driver for MediaTek SoC network devices. Specific kernel version ranges are not listed, so any kernel prior to the patch that retains the driver is potentially vulnerable.", "description_and_impact": "The vulnerability occurs in the MediaTek Ethernet driver within the Linux kernel. During XDP program configuration, an error path in the mtk_xdp_setup() routine leaves the eBPF program pointer pointing to its previous value while failing to decrement the reference count. This improper reference counting can lead to a memory leak or double\u2011free, potentially causing kernel instability and a system crash, which would deny network services on the affected interface.", "risk_and_exploitability": "The EPSS score is less than 1\u202f%, and the vulnerability is not listed in the CISA KEV catalog, indicating low exploitation probability. The likely attack vector requires an attacker to have the ability to load or modify an XDP (eBPF) program on the affected interface, which typically requires elevated privileges such as CAP_NET_ADMIN or root. Thus the risk is confined to privileged or local attackers and manifests as a denial\u2011of\u2011service via kernel crash, with no confirmed confidentiality or integrity impact."}}}}, "created": "2026-03-25T21:15:46.331136+00:00", "updated": "2026-03-26T12:17:33.743934+00:00", "vendors": ["linux", "linux$PRODUCT$linux_kernel"]}