CVE-2026-23212

Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
18/02/2026
Last modified:
18/02/2026

Description

In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> bonding: annotate data-races around slave-&gt;last_rx<br /> <br /> slave-&gt;last_rx and slave-&gt;target_last_arp_rx[...] can be read and written<br /> locklessly. Add READ_ONCE() and WRITE_ONCE() annotations.<br /> <br /> syzbot reported:<br /> <br /> BUG: KCSAN: data-race in bond_rcv_validate / bond_rcv_validate<br /> <br /> write to 0xffff888149f0d428 of 8 bytes by interrupt on cpu 1:<br /> bond_rcv_validate+0x202/0x7a0 drivers/net/bonding/bond_main.c:3335<br /> bond_handle_frame+0xde/0x5e0 drivers/net/bonding/bond_main.c:1533<br /> __netif_receive_skb_core+0x5b1/0x1950 net/core/dev.c:6039<br /> __netif_receive_skb_one_core net/core/dev.c:6150 [inline]<br /> __netif_receive_skb+0x59/0x270 net/core/dev.c:6265<br /> netif_receive_skb_internal net/core/dev.c:6351 [inline]<br /> netif_receive_skb+0x4b/0x2d0 net/core/dev.c:6410<br /> ...<br /> <br /> write to 0xffff888149f0d428 of 8 bytes by interrupt on cpu 0:<br /> bond_rcv_validate+0x202/0x7a0 drivers/net/bonding/bond_main.c:3335<br /> bond_handle_frame+0xde/0x5e0 drivers/net/bonding/bond_main.c:1533<br /> __netif_receive_skb_core+0x5b1/0x1950 net/core/dev.c:6039<br /> __netif_receive_skb_one_core net/core/dev.c:6150 [inline]<br /> __netif_receive_skb+0x59/0x270 net/core/dev.c:6265<br /> netif_receive_skb_internal net/core/dev.c:6351 [inline]<br /> netif_receive_skb+0x4b/0x2d0 net/core/dev.c:6410<br /> br_netif_receive_skb net/bridge/br_input.c:30 [inline]<br /> NF_HOOK include/linux/netfilter.h:318 [inline]<br /> ...<br /> <br /> value changed: 0x0000000100005365 -&gt; 0x0000000100005366

Impact