CVE-2026-23302 PUBLISHED

net: annotate data-races around sk->sk_{data_ready,write_space}

Assigner: Linux
Reserved: 13.01.2026 Published: 25.03.2026 Updated: 25.03.2026

In the Linux kernel, the following vulnerability has been resolved:

net: annotate data-races around sk->sk_{data_ready,write_space}

skmsg (and probably other layers) are changing these pointers while other cpus might read them concurrently.

Add corresponding READ_ONCE()/WRITE_ONCE() annotations for UDP, TCP and AF_UNIX.

Product Status

Vendor Linux
Product Linux
Versions Default: unaffected
  • affected from 604326b41a6fb9b4a78b6179335decee0365cd8c to f17c1c4acbe2bd702abce73a847a04a196fab2c5 (excl.)
  • affected from 604326b41a6fb9b4a78b6179335decee0365cd8c to 27fccdbcbbfc4651b6f66756e6fa3f52e051ec23 (excl.)
  • affected from 604326b41a6fb9b4a78b6179335decee0365cd8c to 2ef2b20cf4e04ac8a6ba68493f8780776ff84300 (excl.)
Vendor Linux
Product Linux
Versions Default: affected
  • Version 4.20 is affected
  • unaffected from 0 to 4.20 (excl.)
  • unaffected from 6.18.17 to 6.18.* (incl.)
  • unaffected from 6.19.7 to 6.19.* (incl.)
  • unaffected from 7.0-rc3 to * (incl.)

References