{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-23420", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2026-01-13T15:37:46.014Z", "datePublished": "2026-04-03T13:24:29.681Z", "dateUpdated": "2026-04-03T13:24:29.681Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2026-04-03T13:24:29.681Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: wlcore: Fix a locking bug\n\nMake sure that wl->mutex is locked before it is unlocked. This has been\ndetected by the Clang thread-safety analyzer."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/net/wireless/ti/wlcore/main.c"], "versions": [{"version": "45aa7f071b06c8481afed4c7b93e07c9584741e8", "lessThan": "7ab511003c5ae3bf5364d7699a2e3ab1db513680", "status": "affected", "versionType": "git"}, {"version": "45aa7f071b06c8481afed4c7b93e07c9584741e8", "lessThan": "aca4c9e4901b01b8b985993dc7df80bd1d1338bd", "status": "affected", "versionType": "git"}, {"version": "45aa7f071b06c8481afed4c7b93e07c9584741e8", "lessThan": "5feeea59ed142e15c3284d0b1a364c6786bf3487", "status": "affected", "versionType": "git"}, {"version": "45aa7f071b06c8481afed4c7b93e07c9584741e8", "lessThan": "fcef983ad88832f3aa83491a174c345de57afbbd", "status": "affected", "versionType": "git"}, {"version": "45aa7f071b06c8481afed4c7b93e07c9584741e8", "lessThan": "1a1c28a08d74716f3f8e3a21c86b30d0ff13521a", "status": "affected", "versionType": "git"}, {"version": "45aa7f071b06c8481afed4c7b93e07c9584741e8", "lessThan": "72c6df8f284b3a49812ce2ac136727ace70acc7c", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/net/wireless/ti/wlcore/main.c"], "versions": [{"version": "4.19", "status": "affected"}, {"version": "0", "lessThan": "4.19", "status": "unaffected", "versionType": "semver"}, {"version": "6.1.167", "lessThanOrEqual": "6.1.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.6.130", "lessThanOrEqual": "6.6.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.12.77", "lessThanOrEqual": "6.12.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.18.17", "lessThanOrEqual": "6.18.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.19.7", "lessThanOrEqual": "6.19.*", "status": "unaffected", "versionType": "semver"}, {"version": "7.0-rc3", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.19", "versionEndExcluding": "6.1.167"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.19", "versionEndExcluding": "6.6.130"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.19", "versionEndExcluding": "6.12.77"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.19", "versionEndExcluding": "6.18.17"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.19", "versionEndExcluding": "6.19.7"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.19", "versionEndExcluding": "7.0-rc3"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/7ab511003c5ae3bf5364d7699a2e3ab1db513680"}, {"url": "https://git.kernel.org/stable/c/aca4c9e4901b01b8b985993dc7df80bd1d1338bd"}, {"url": "https://git.kernel.org/stable/c/5feeea59ed142e15c3284d0b1a364c6786bf3487"}, {"url": "https://git.kernel.org/stable/c/fcef983ad88832f3aa83491a174c345de57afbbd"}, {"url": "https://git.kernel.org/stable/c/1a1c28a08d74716f3f8e3a21c86b30d0ff13521a"}, {"url": "https://git.kernel.org/stable/c/72c6df8f284b3a49812ce2ac136727ace70acc7c"}], "title": "wifi: wlcore: Fix a locking bug", "x_generator": {"engine": "bippy-1.2.0"}}}}

{}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: wlcore: Fix a locking bug\n\nMake sure that wl->mutex is locked before it is unlocked. This has been\ndetected by the Clang thread-safety analyzer."}], "id": "CVE-2026-23420", "lastModified": "2026-04-03T16:10:23.730", "metrics": {}, "published": "2026-04-03T14:16:28.027", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/1a1c28a08d74716f3f8e3a21c86b30d0ff13521a"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/5feeea59ed142e15c3284d0b1a364c6786bf3487"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/72c6df8f284b3a49812ce2ac136727ace70acc7c"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/7ab511003c5ae3bf5364d7699a2e3ab1db513680"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/aca4c9e4901b01b8b985993dc7df80bd1d1338bd"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/fcef983ad88832f3aa83491a174c345de57afbbd"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Awaiting Analysis"}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "[45aa7f071b06c8481afed4c7b93e07c9584741e8,7ab511003c5ae3bf5364d7699a2e3ab1db513680)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "[45aa7f071b06c8481afed4c7b93e07c9584741e8,aca4c9e4901b01b8b985993dc7df80bd1d1338bd)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "[45aa7f071b06c8481afed4c7b93e07c9584741e8,5feeea59ed142e15c3284d0b1a364c6786bf3487)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "[45aa7f071b06c8481afed4c7b93e07c9584741e8,fcef983ad88832f3aa83491a174c345de57afbbd)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "[45aa7f071b06c8481afed4c7b93e07c9584741e8,1a1c28a08d74716f3f8e3a21c86b30d0ff13521a)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "[45aa7f071b06c8481afed4c7b93e07c9584741e8,72c6df8f284b3a49812ce2ac136727ace70acc7c)"}}], "enrichment": {"confidence": 99.0, "confidence_source": "inferred", "scores": [{"score": 99.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "original": {"product": "Linux", "source": "cna", "vendor": "Linux"}, "product": "linux_kernel", "vendor": "linux"}, {"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "4.19"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "generic", "value": "[0,4.19)"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "generic", "value": "[6.1.167,6.1.*]"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "generic", "value": "[6.6.130,6.6.*]"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "generic", "value": "[6.12.77,6.12.*]"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "generic", "value": "[6.18.17,6.18.*]"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "generic", "value": "[7.0-rc3,*]"}}], "enrichment": {"confidence": 99.0, "confidence_source": "inferred", "scores": [{"score": 99.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "original": {"product": "Linux", "source": "cna", "vendor": "Linux"}, "product": "linux_kernel", "vendor": "linux"}], "analysis": {"en": {"generated_at": "2026-04-03T16:37:26.850654+00:00", "value": {"mitigation_remediation": ["Update the Linux kernel to a version that contains the wlcore mutex fix. ", "If a kernel update is not immediately available, disable or stop the affected wifi driver until the patch is released. ", "Verify that the driver\u2019s locking mechanisms are functioning correctly and that wl->mutex is always locked before unlocking. ", "Monitor system logs for any oops or deadlock events related to wlcore, and apply the patch as soon as possible."], "summary": {"action": "Apply Patch", "impact": "Race Condition in Wifi Driver Leading to Kernel Crash"}, "threat_synthesis": {"affected_systems": "All systems running the Linux kernel that include the wlcore wifi driver are affected. The specific kernel versions that are impacted are not listed in the advisory, so any kernel compiled with the unpatched driver code is potentially vulnerable.", "description_and_impact": "The vulnerability involves a race condition in the Linux kernel wifi driver where the wl->mutex lock is released without being held first. This flaw, identified by Clang\u2019s thread\u2011safety analyzer, can cause the driver to reach an unsafe state, potentially leading to a kernel crash (oops) or a denial of service if an attacker can trigger concurrent access.", "risk_and_exploitability": "The offer lacks a CVSS score or EPSS value, and the issue is not in the CISA KEV catalog, indicating low publicly documented exploitation. The likely attack vector would require local privileged or kernel exploitation to trigger the race condition in a running environment. Without a published exploit, the risk is considered moderate, but the impact could be significant if the driver is abused or the race condition is triggered spontaneously during normal operations."}}}}, "created": "2026-04-03T21:14:18.562120+00:00", "updated": "2026-04-03T21:16:34.418154+00:00", "vendors": ["linux", "linux$PRODUCT$linux_kernel"], "weaknesses": ["CWE-362", "CWE-366"]}