1. Home
  2. Vulnerabilities
  3. CVE-2026-23441
0.0
NA
CVE-2026-23441
net/mlx5e: Prevent concurrent access to IPSec ASO context
Overview
Description

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Prevent concurrent access to IPSec ASO context The query or updating IPSec offload object is through Access ASO WQE. The driver uses a single mlx5e_ipsec_aso struct for each PF, which contains a shared DMA-mapped context for all ASO operations. A race condition exists because the ASO spinlock is released before the hardware has finished processing WQE. If a second operation is initiated immediately after, it overwrites the shared context in the DMA area. When the first operation's completion is processed later, it reads this corrupted context, leading to unexpected behavior and incorrect results. This commit fixes the race by introducing a private context within each IPSec offload object. The shared ASO context is now copied to this private context while the ASO spinlock is held. Subsequent processing uses this saved, per-object context, ensuring its integrity is maintained.

Details
INFO

Published Date :

April 3, 2026, 4:16 p.m.

Last Modified :

April 3, 2026, 4:16 p.m.

Remotely Exploit :

No

Source :

416baaa9-dc9f-4396-8d5f-8c081fb06d67
Impact
Affected Products

The following products are affected by CVE-2026-23441 vulnerability. Even if cvefeed.io is aware of the exact versions of the products that are affected, the information is not represented in the table below.

No affected product recoded yet

: Total Affected Vendor : 0 | Products : 0
Solution
Fix race condition by using private contexts for IPSec offload operations.
  • Apply the kernel commit that introduces private contexts.
  • Ensure ASO spinlock protects context copying.
  • Verify hardware processing completes before spinlock release.
References
References to Advisories, Solutions, and Tools

Here, you will find a curated list of external links that provide in-depth information, practical solutions, and valuable tools related to CVE-2026-23441.

URL Resource
https://git.kernel.org/stable/c/2c6a5be0aee5a44066f68a332c30650900e32ad4
https://git.kernel.org/stable/c/6834d196107d5267dcad31b44211da7698e8f618
https://git.kernel.org/stable/c/99aaee927800ea00b441b607737f9f67b1899755
https://git.kernel.org/stable/c/99b36850d881e2d65912b2520a1c80d0fcc9429a
https://git.kernel.org/stable/c/c3db55dc0f3344b62da25b025a8396d78763b5fa
CWE - Common Weakness Enumeration

While CVE identifies specific instances of vulnerabilities, CWE categorizes the common flaws or weaknesses that can lead to vulnerabilities. CVE-2026-23441 is associated with the following CWEs:

Common Attack Pattern Enumeration and Classification (CAPEC)

Common Attack Pattern Enumeration and Classification (CAPEC) stores attack patterns, which are descriptions of the common attributes and approaches employed by adversaries to exploit the CVE-2026-23441 weaknesses.

We scan GitHub repositories to detect new proof-of-concept exploits. Following list is a collection of public exploits and proof-of-concepts, which have been published on GitHub (sorted by the most recently updated).

Results are limited to the first 15 repositories due to potential performance issues.

The following list is the news that have been mention CVE-2026-23441 vulnerability anywhere in the article.

Results are limited to the first 20 news articles due to potential performance issues.

The following table lists the changes that have been made to the CVE-2026-23441 vulnerability over time.

Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability's severity, exploitability, or other characteristics.

  • New CVE Received by 416baaa9-dc9f-4396-8d5f-8c081fb06d67

    Apr. 03, 2026

    Action Type Old Value New Value
    Added Description In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Prevent concurrent access to IPSec ASO context The query or updating IPSec offload object is through Access ASO WQE. The driver uses a single mlx5e_ipsec_aso struct for each PF, which contains a shared DMA-mapped context for all ASO operations. A race condition exists because the ASO spinlock is released before the hardware has finished processing WQE. If a second operation is initiated immediately after, it overwrites the shared context in the DMA area. When the first operation's completion is processed later, it reads this corrupted context, leading to unexpected behavior and incorrect results. This commit fixes the race by introducing a private context within each IPSec offload object. The shared ASO context is now copied to this private context while the ASO spinlock is held. Subsequent processing uses this saved, per-object context, ensuring its integrity is maintained.
    Added Reference https://git.kernel.org/stable/c/2c6a5be0aee5a44066f68a332c30650900e32ad4
    Added Reference https://git.kernel.org/stable/c/6834d196107d5267dcad31b44211da7698e8f618
    Added Reference https://git.kernel.org/stable/c/99aaee927800ea00b441b607737f9f67b1899755
    Added Reference https://git.kernel.org/stable/c/99b36850d881e2d65912b2520a1c80d0fcc9429a
    Added Reference https://git.kernel.org/stable/c/c3db55dc0f3344b62da25b025a8396d78763b5fa
EPSS is a daily estimate of the probability of exploitation activity being observed over the next 30 days. Following chart shows the EPSS score history of the vulnerability.
CVSS
Vulnerability Scoring Details
No CVSS metrics available for this vulnerability.