CVE-2026-23083 - Vulnerability Details - OpenCVE

In the Linux kernel, the following vulnerability has been resolved: fou: Don't allow 0 for FOU_ATTR_IPPROTO. fou_udp_recv() has the same problem mentioned in the previous patch. If FOU_ATTR_IPPROTO is set to 0, skb is not freed by fou_udp_recv() nor "resubmit"-ted in ip_protocol_deliver_rcu(). Let's forbid 0 for FOU_ATTR_IPPROTO.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

No EPSS score available.

Key SSVC decision points have not yet been added.

Vendors	Products
Linux	Linux Kernel

No data.

No data.

No data.

References

Link	Providers
https://git.kernel.org/stable/c/1cc98b8887cabb1808d2f4a37cd10a7be7574771
https://git.kernel.org/stable/c/7a9bc9e3f42391e4c187e099263cf7a1c4b69ff5
https://git.kernel.org/stable/c/9b75dff8446ec871030d8daf5a69e74f5fe8b956
https://git.kernel.org/stable/c/b7db31a52c3862a1a32202a273a4c32e7f5f4823

History

Wed, 04 Feb 2026 16:30:00 +0000

Type	Values Removed	Values Added
Description		In the Linux kernel, the following vulnerability has been resolved: fou: Don't allow 0 for FOU_ATTR_IPPROTO. fou_udp_recv() has the same problem mentioned in the previous patch. If FOU_ATTR_IPPROTO is set to 0, skb is not freed by fou_udp_recv() nor "resubmit"-ted in ip_protocol_deliver_rcu(). Let's forbid 0 for FOU_ATTR_IPPROTO.
Title		fou: Don't allow 0 for FOU_ATTR_IPPROTO.
First Time appeared		Linux Linux linux Kernel
CPEs		cpe:2.3:o:linux:linux_kernel::::::::
Vendors & Products		Linux Linux linux Kernel
References		https://git.kernel.org/stable/c/1cc98b8887cabb1808d2f4a37cd10a7be7574771 https://git.kernel.org/stable/c/7a9bc9e3f42391e4c187e099263cf7a1c4b69ff5 https://git.kernel.org/stable/c/9b75dff8446ec871030d8daf5a69e74f5fe8b956 https://git.kernel.org/stable/c/b7db31a52c3862a1a32202a273a4c32e7f5f4823

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2026-02-04T16:08:07.561Z

Updated: 2026-02-04T16:08:07.561Z

Reserved: 2026-01-13T15:37:45.960Z

Link: CVE-2026-23083

Vulnrichment

No data.

NVD

Status : Received

Published: 2026-02-04T17:16:19.163

Modified: 2026-02-04T17:16:19.163

Link: CVE-2026-23083

Redhat

No data.

OpenCVE Enrichment

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-23083", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2026-01-13T15:37:45.960Z", "datePublished": "2026-02-04T16:08:07.561Z", "dateUpdated": "2026-02-04T16:08:07.561Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2026-02-04T16:08:07.561Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nfou: Don't allow 0 for FOU_ATTR_IPPROTO.\n\nfou_udp_recv() has the same problem mentioned in the previous\npatch.\n\nIf FOU_ATTR_IPPROTO is set to 0, skb is not freed by\nfou_udp_recv() nor \"resubmit\"-ted in ip_protocol_deliver_rcu().\n\nLet's forbid 0 for FOU_ATTR_IPPROTO."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["Documentation/netlink/specs/fou.yaml", "net/ipv4/fou_nl.c"], "versions": [{"version": "23461551c00628c3f3fe9cf837bf53cf8f212b63", "lessThan": "1cc98b8887cabb1808d2f4a37cd10a7be7574771", "status": "affected", "versionType": "git"}, {"version": "23461551c00628c3f3fe9cf837bf53cf8f212b63", "lessThan": "b7db31a52c3862a1a32202a273a4c32e7f5f4823", "status": "affected", "versionType": "git"}, {"version": "23461551c00628c3f3fe9cf837bf53cf8f212b63", "lessThan": "9b75dff8446ec871030d8daf5a69e74f5fe8b956", "status": "affected", "versionType": "git"}, {"version": "23461551c00628c3f3fe9cf837bf53cf8f212b63", "lessThan": "7a9bc9e3f42391e4c187e099263cf7a1c4b69ff5", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["Documentation/netlink/specs/fou.yaml", "net/ipv4/fou_nl.c"], "versions": [{"version": "3.18", "status": "affected"}, {"version": "0", "lessThan": "3.18", "status": "unaffected", "versionType": "semver"}, {"version": "6.6.122", "lessThanOrEqual": "6.6.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.12.68", "lessThanOrEqual": "6.12.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.18.8", "lessThanOrEqual": "6.18.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.19-rc7", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "3.18", "versionEndExcluding": "6.6.122"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "3.18", "versionEndExcluding": "6.12.68"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "3.18", "versionEndExcluding": "6.18.8"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "3.18", "versionEndExcluding": "6.19-rc7"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/1cc98b8887cabb1808d2f4a37cd10a7be7574771"}, {"url": "https://git.kernel.org/stable/c/b7db31a52c3862a1a32202a273a4c32e7f5f4823"}, {"url": "https://git.kernel.org/stable/c/9b75dff8446ec871030d8daf5a69e74f5fe8b956"}, {"url": "https://git.kernel.org/stable/c/7a9bc9e3f42391e4c187e099263cf7a1c4b69ff5"}], "title": "fou: Don't allow 0 for FOU_ATTR_IPPROTO.", "x_generator": {"engine": "bippy-1.2.0"}}}}