In the Linux kernel, the following vulnerability has been resolved:
ip_tunnel: adapt iptunnel_xmit_stats() to NETDEV_PCPU_STAT_DSTATS
Blamed commits forgot that vxlan/geneve use udp_tunnel[6]_xmit_skb() which
call iptunnel_xmit_stats().
iptunnel_xmit_stats() was assuming tunnels were only using
NETDEV_PCPU_STAT_TSTATS.
@syncp offset in pcpu_sw_netstats and pcpu_dstats is different.
32bit kernels would either have corruptions or freezes if the syncp
sequence was overwritten.
This patch also moves pcpu_stat_type closer to dev->{t,d}stats to avoid
a potential cache line miss since iptunnel_xmit_stats() needs to read it.
CVE-2026-23459
NONE
EPSS 0.02%
Updated Apr 07, 2026
Linux
CVE Details
CVE ID
CVE-2026-23459
Published Date
Apr 03, 2026
Vendor
Linux
Severity
NONE
Exploit Prediction (EPSS)
Probability of Exploit
0.02%
Likelihood of exploitation in next 30 days
Percentile:
6.7th percentile (higher than 6.7% of all CVEs)
Standard patching cycle
Impact
Minimal impact
Source
View Advisory