igc: fix page fault in XDP TX timestamps handling

7.8 / 10

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Description

In the Linux kernel, the following vulnerability has been resolved:

igc: fix page fault in XDP TX timestamps handling

If an XDP application that requested TX timestamping is shutting down
while the link of the interface in use is still up the following kernel
splat is reported:

[ 883.803618] [ T1554] BUG: unable to handle page fault for address: ffffcfb6200fd008
...
[ 883.803650] [ T1554] Call Trace:
[ 883.803652] [ T1554] <TASK>
[ 883.803654] [ T1554] igc_ptp_tx_tstamp_event+0xdf/0x160 [igc]
[ 883.803660] [ T1554] igc_tsync_interrupt+0x2d5/0x300 [igc]
...

During shutdown of the TX ring the xsk_meta pointers are left behind, so
that the IRQ handler is trying to touch them.

This issue is now being fixed by cleaning up the stale xsk meta data on
TX shutdown. TX timestamps on other queues remain unaffected.

Basic Information

ID CVE-2026-23445

Source Linux

Published Apr 3, 2026 at 15:15

Modified Apr 27, 2026 at 14:02

Affected Product

Vendor Linux

Product Linux

Version 15fd021bc4270273d8f4b7f58fdda8a16214a377

Affected Versions Linux Linux 15fd021bc4270273d8f4b7f58fdda8a16214a377
Linux Linux 15fd021bc4270273d8f4b7f58fdda8a16214a377
Linux Linux 15fd021bc4270273d8f4b7f58fdda8a16214a377
Linux Linux 15fd021bc4270273d8f4b7f58fdda8a16214a377
Linux Linux 6.10

References

{
    "lastseen": "",
    "description": "In the Linux kernel, the following vulnerability has been resolved:\n\nigc: fix page fault in XDP TX timestamps handling\n\nIf an XDP application that requested TX timestamping is shutting down\nwhile the link of the interface in use is still up the following kernel\nsplat is reported:\n\n[  883.803618] [   T1554] BUG: unable to handle page fault for address: ffffcfb6200fd008\n...\n[  883.803650] [   T1554] Call Trace:\n[  883.803652] [   T1554]  <TASK>\n[  883.803654] [   T1554]  igc_ptp_tx_tstamp_event+0xdf/0x160 [igc]\n[  883.803660] [   T1554]  igc_tsync_interrupt+0x2d5/0x300 [igc]\n...\n\nDuring shutdown of the TX ring the xsk_meta pointers are left behind, so\nthat the IRQ handler is trying to touch them.\n\nThis issue is now being fixed by cleaning up the stale xsk meta data on\nTX shutdown. TX timestamps on other queues remain unaffected.",
    "published": "2026-04-03T15:15:29.194Z",
    "modified": "2026-04-27T14:02:27.584Z",
    "type": "cve",
    "title": "igc: fix page fault in XDP TX timestamps handling",
    "source": "Linux",
    "references": "https://git.kernel.org/stable/c/5e4c90c94eb766d70e30694b7fe66862aabaf24b\nhttps://git.kernel.org/stable/c/31521c124e6488c4a81658e35199feb75a988d86\nhttps://git.kernel.org/stable/c/b02fa17d1744d19cd3820bdbf6ec5d85547977bf\nhttps://git.kernel.org/stable/c/45b33e805bd39f615d9353a7194b2da5281332df",
    "id": "CVE-2026-23445",
    "bulletinFamily": "",
    "cwe": null,
    "cvelist": null,
    "sourceData": "Linux Linux 15fd021bc4270273d8f4b7f58fdda8a16214a377\nLinux Linux 15fd021bc4270273d8f4b7f58fdda8a16214a377\nLinux Linux 15fd021bc4270273d8f4b7f58fdda8a16214a377\nLinux Linux 15fd021bc4270273d8f4b7f58fdda8a16214a377\nLinux Linux 6.10",
    "sourceHref": "",
    "cvss": {
        "score": 7.8,
        "severity": "HIGH",
        "vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Linux",
    "version": "15fd021bc4270273d8f4b7f58fdda8a16214a377",
    "vendor": "Linux",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}

igc: fix page fault in XDP TX timestamps handling_CVE-2026-23445

Description

Basic Information

Affected Product

References

💭 Join the Security Discussion ❌ Cancel Reply