Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
CVE Vulnerability Details :
CVE-2026-23451
PUBLISHED
More InfoOfficial Page
Assigner-Linux
Assigner Org ID-416baaa9-dc9f-4396-8d5f-8c081fb06d67
View Known Exploited Vulnerability (KEV) details
Published At-03 Apr, 2026 | 15:15
Updated At-11 May, 2026 | 22:07
Rejected At-
▼CVE Numbering Authority (CNA)
bonding: prevent potential infinite loop in bond_header_parse()

In the Linux kernel, the following vulnerability has been resolved: bonding: prevent potential infinite loop in bond_header_parse() bond_header_parse() can loop if a stack of two bonding devices is setup, because skb->dev always points to the hierarchy top. Add new "const struct net_device *dev" parameter to (struct header_ops)->parse() method to make sure the recursion is bounded, and that the final leaf parse method is called.

Affected Products
Vendor
Linux Kernel Organization, IncLinux
Product
Linux
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Program Files
  • drivers/firewire/net.c
  • drivers/net/bonding/bond_main.c
  • include/linux/etherdevice.h
  • include/linux/if_ether.h
  • include/linux/netdevice.h
  • net/ethernet/eth.c
  • net/ipv4/ip_gre.c
  • net/mac802154/iface.c
  • net/phonet/af_phonet.c
Default Status
unaffected
Versions
Affected
  • From 9baf26a91565b7bb2b1d9f99aaf884a2b28c2f6d before 946bb6cacf0ccada7bc80f1cfa07c1ed79511c1c (git)
  • From 6ac890f1d60ac3707ee8dae15a67d9a833e49956 before 4172a7901cf43fe1cc63ef7a2ef33735ff7b7d13 (git)
  • From 95597d11dc8bddb2b9a051c9232000bfbb5e43ba before 9b49c854f14f5e2d493e562a1e28d2e57fe37371 (git)
  • From 950803f7254721c1c15858fbbfae3deaaeeecb11 before b7405dcf7385445e10821777143f18c3ce20fa04 (git)
Vendor
Linux Kernel Organization, IncLinux
Product
Linux
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Program Files
  • drivers/firewire/net.c
  • drivers/net/bonding/bond_main.c
  • include/linux/etherdevice.h
  • include/linux/if_ether.h
  • include/linux/netdevice.h
  • net/ethernet/eth.c
  • net/ipv4/ip_gre.c
  • net/mac802154/iface.c
  • net/phonet/af_phonet.c
Default Status
unaffected
Versions
Affected
  • From 6.18.19 before 6.18.20 (semver)
  • From 6.19.9 before 6.19.10 (semver)
Metrics
VersionBase scoreBase severityVector
3.17.5HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Version: 3.1
Base score: 7.5
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://git.kernel.org/stable/c/946bb6cacf0ccada7bc80f1cfa07c1ed79511c1c
N/A
https://git.kernel.org/stable/c/4172a7901cf43fe1cc63ef7a2ef33735ff7b7d13
N/A
https://git.kernel.org/stable/c/9b49c854f14f5e2d493e562a1e28d2e57fe37371
N/A
https://git.kernel.org/stable/c/b7405dcf7385445e10821777143f18c3ce20fa04
N/A
Hyperlink: https://git.kernel.org/stable/c/946bb6cacf0ccada7bc80f1cfa07c1ed79511c1c
Resource: N/A
Hyperlink: https://git.kernel.org/stable/c/4172a7901cf43fe1cc63ef7a2ef33735ff7b7d13
Resource: N/A
Hyperlink: https://git.kernel.org/stable/c/9b49c854f14f5e2d493e562a1e28d2e57fe37371
Resource: N/A
Hyperlink: https://git.kernel.org/stable/c/b7405dcf7385445e10821777143f18c3ce20fa04
Resource: N/A
Details not found