๐Ÿ” CVE Alert

CVE-2026-23447

UNKNOWN 0.0

net: usb: cdc_ncm: add ndpoffset to NDP32 nframes bounds check

CVSS Score
0.0
EPSS Score
0.0%
EPSS Percentile
6th

In the Linux kernel, the following vulnerability has been resolved: net: usb: cdc_ncm: add ndpoffset to NDP32 nframes bounds check The same bounds-check bug fixed for NDP16 in the previous patch also exists in cdc_ncm_rx_verify_ndp32(). The DPE array size is validated against the total skb length without accounting for ndpoffset, allowing out-of-bounds reads when the NDP32 is placed near the end of the NTB. Add ndpoffset to the nframes bounds check and use struct_size_t() to express the NDP-plus-DPE-array size more clearly. Compile-tested only.

Vendor linux
Product linux
Ecosystems
Industries
Technology
Published Apr 3, 2026
Last Updated Apr 13, 2026
Stay Ahead of the Next One

Get instant alerts for linux linux

Be the first to know when new unknown vulnerabilities affecting linux linux are published โ€” delivered to Slack, Telegram or Discord.

Get Free Alerts โ†’ Free ยท No credit card ยท 60 sec setup

Affected Versions

Linux / Linux
0fa81b304a7973a499f844176ca031109487dd31 < 125f932a76a97904ef8a555f1dd53e5d0e288c54 0fa81b304a7973a499f844176ca031109487dd31 < af0d1613d6751489dbf9f69aac1123f0b1e566e5 0fa81b304a7973a499f844176ca031109487dd31 < a5bd5a2710310c965ea4153cba4210988a3454e2 0fa81b304a7973a499f844176ca031109487dd31 < de70da1fb1d152e981ecb3157f7ec2b633005c16 0fa81b304a7973a499f844176ca031109487dd31 < 77914255155e68a20aa41175edeecf8121dac391 8cf7db86a8984ffa3a3388a8df12bc0aa4c79bd7 4ca8b8855264cf1439cdab3da7049bd1e3c2a9e6 a270ca35a9499b58366d696d3290eaa4697a42db
Linux / Linux
5.7

References

NVD โ†— CVE.org โ†— EPSS Data โ†—
git.kernel.org: https://git.kernel.org/stable/c/125f932a76a97904ef8a555f1dd53e5d0e288c54 git.kernel.org: https://git.kernel.org/stable/c/af0d1613d6751489dbf9f69aac1123f0b1e566e5 git.kernel.org: https://git.kernel.org/stable/c/a5bd5a2710310c965ea4153cba4210988a3454e2 git.kernel.org: https://git.kernel.org/stable/c/de70da1fb1d152e981ecb3157f7ec2b633005c16 git.kernel.org: https://git.kernel.org/stable/c/77914255155e68a20aa41175edeecf8121dac391