| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <2026020451-CVE-2026-23054-3712@gregkh> Date: Wed, 4 Feb 2026 17:04:49 +0100 From: Greg Kroah-Hartman <gregkh@...uxfoundation.org> To: linux-cve-announce@...r.kernel.org Cc: Greg Kroah-Hartman <gregkh@...nel.org> Subject: CVE-2026-23054: net: hv_netvsc: reject RSS hash key programming without RX indirection table From: Greg Kroah-Hartman <gregkh@...nel.org> Description =========== In the Linux kernel, the following vulnerability has been resolved: net: hv_netvsc: reject RSS hash key programming without RX indirection table RSS configuration requires a valid RX indirection table. When the device reports a single receive queue, rndis_filter_device_add() does not allocate an indirection table, accepting RSS hash key updates in this state leads to a hang. Fix this by gating netvsc_set_rxfh() on ndc->rx_table_sz and return -EOPNOTSUPP when the table is absent. This aligns set_rxfh with the device capabilities and prevents incorrect behavior. The Linux kernel CVE team has assigned CVE-2026-23054 to this issue. Affected and fixed versions =========================== Issue introduced in 4.11 with commit 962f3fee83a4ef9010ae84dc43ae7aecb572e2a9 and fixed in 6.6.122 with commit 82c9039c8ebb715753a40434df714f865a3aec9c Issue introduced in 4.11 with commit 962f3fee83a4ef9010ae84dc43ae7aecb572e2a9 and fixed in 6.12.67 with commit 4cd55c609e85ae2313248ef1a33619a3eef44a16 Issue introduced in 4.11 with commit 962f3fee83a4ef9010ae84dc43ae7aecb572e2a9 and fixed in 6.18.7 with commit 11dd9a9ef4dc4507a15a69b8511a0013c6c28fa3 Issue introduced in 4.11 with commit 962f3fee83a4ef9010ae84dc43ae7aecb572e2a9 and fixed in 6.19-rc6 with commit d23564955811da493f34412d7de60fa268c8cb50 Please see https://www.kernel.org for a full list of currently supported kernel versions by the kernel community. Unaffected versions might change over time as fixes are backported to older supported kernel versions. The official CVE entry at https://cve.org/CVERecord/?id=CVE-2026-23054 will be updated if fixes are backported, please check that for the most up to date information about this issue. Affected files ============== The file(s) affected by this issue are: drivers/net/hyperv/netvsc_drv.c Mitigation ========== The Linux kernel CVE team recommends that you update to the latest stable kernel version for this, and many other bugfixes. Individual changes are never tested alone, but rather are part of a larger kernel release. Cherry-picking individual commits is not recommended or supported by the Linux kernel community at all. If however, updating to the latest release is impossible, the individual changes to resolve this issue can be found at these commits: https://git.kernel.org/stable/c/82c9039c8ebb715753a40434df714f865a3aec9c https://git.kernel.org/stable/c/4cd55c609e85ae2313248ef1a33619a3eef44a16 https://git.kernel.org/stable/c/11dd9a9ef4dc4507a15a69b8511a0013c6c28fa3 https://git.kernel.org/stable/c/d23564955811da493f34412d7de60fa268c8cb50
Powered by blists - more mailing lists