CVE-2026-23239

Published: Mar 10, 2026 Last Modified: Mar 11, 2026

Description

In the Linux kernel, the following vulnerability has been resolved:

espintcp: Fix race condition in espintcp_close()

This issue was discovered during a code audit.

After cancel_work_sync() is called from espintcp_close(),
espintcp_tx_work() can still be scheduled from paths such as
the Delayed ACK handler or ksoftirqd.
As a result, the espintcp_tx_work() worker may dereference a
freed espintcp ctx or sk.

The following is a simple race scenario:

        cpu0                              cpu1

  espintcp_close()
    cancel_work_sync(&ctx->work);
                                    espintcp_write_space()
                                      schedule_work(&ctx->work);

To prevent this race condition, cancel_work_sync() is
replaced with disable_work_sync().
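
The interleaving above, replayed in a small userspace model. This is an added example, not the kernel patch or any kernel code. The model_* helpers, struct names and replay_close() are hypothetical and only mirror the documented behaviour that cancel_work_sync() leaves a work item re-queueable while disable_work_sync() makes later queueing attempts fail.

```c
#include <stdbool.h>
#include <stdio.h>

/* Simplified model of a kernel work item (assumption: not the real struct). */
struct work_model {
    bool pending;       /* queued and waiting for a worker */
    int  disable_depth; /* > 0 means queueing is refused */
};

struct ctx_model {
    struct work_model work;
    bool released;      /* stands in for "ctx/sk has been freed" */
};

/* Like schedule_work(): returns true only if the item was newly queued. */
static bool model_schedule_work(struct work_model *w)
{
    if (w->disable_depth > 0 || w->pending)
        return false;
    w->pending = true;
    return true;
}

/* Like cancel_work_sync(): drops the queued instance, nothing more. */
static void model_cancel_work_sync(struct work_model *w) { w->pending = false; }

/* Like disable_work_sync(): drops it and blocks any later queueing. */
static void model_disable_work_sync(struct work_model *w)
{
    w->disable_depth++;
    w->pending = false;
}

/* Replays the scenario; true means the worker would run on a released ctx. */
static bool replay_close(bool use_disable)
{
    struct ctx_model ctx = { .work = { .pending = true }, .released = false };

    if (use_disable)                     /* cpu0: espintcp_close() */
        model_disable_work_sync(&ctx.work);
    else
        model_cancel_work_sync(&ctx.work);
    model_schedule_work(&ctx.work);      /* cpu1: espintcp_write_space() */
    ctx.released = true;                 /* cpu0: close path releases ctx */
    return ctx.work.pending && ctx.released;
}

int main(void)
{
    printf("cancel_work_sync : worker runs after release = %d\n", replay_close(false));
    printf("disable_work_sync: worker runs after release = %d\n", replay_close(true));
    return 0;
}
```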

EPSS (Exploit Prediction Scoring System)

Predicts the probability of exploitation based on threat intelligence and vulnerability characteristics.

EPSS Score: 0.0002
Percentile: 0.0th

https://git.kernel.org/stable/c/022ff7f347588de6e17879a1da6019647b21321b
https://git.kernel.org/stable/c/664e9df53226b4505a0894817ecad2c610ab11d8
https://git.kernel.org/stable/c/e1512c1db9e8794d8d130addd2615ec27231d994
https://git.kernel.org/stable/c/f7ad8b1d0e421c524604d5076b73232093490d5c