CVE-2026-23254

Description

In the Linux kernel, the following vulnerability has been resolved:net: gro: fix outer network offsetThe udp GRO complete stage assumes that all the packets inserted the RXhave the encapsulation flag zeroed. Such assumption is not true, as afew H/W NICs can set such flag when H/W offloading the checksum foran UDP encapsulated traffic, the tun driver can inject GSO packets withUDP encapsulation and the problematic layout can also be created viaa veth based setup.Due to the above, in the problematic scenarios, udp4_gro_complete() usesthe wrong network offset (inner instead of outer) to compute the outerUDP header pseudo checksum, leading to csum validation errors later onin packet processing.Address the issue always clearing the encapsulation flag at GRO completiontime. Such flag will be set again as needed for encapsulated packets byudp_gro_complete().

Risk Information

Base Score

5.5

MODERATE

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

EPSS Score

Exploitation Probability

0.023

Associated Vulnerability

No records found

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234