HOMEVULNERABILITIESCVE-2026-23353
NONE

CVE-2026-23353

Published: March 25, 2026· Updated: Mar 25, 2026

EPSS:0.02%probability of exploitation in 30 daysPercentile:4.7th

Official Description

In the Linux kernel, the following vulnerability has been resolved:

ice: fix crash in ethtool offline loopback test

Since the conversion of ice to page pool, the ethtool loopback test

crashes:

BUG: kernel NULL pointer dereference, address: 000000000000000c

#PF: supervisor write access in kernel mode

#PF: error_code(0x0002) - not-present page

PGD 1100f1067 P4D 0

Oops: Oops: 0002 [#1] SMP NOPTI

CPU: 23 UID: 0 PID: 5904 Comm: ethtool Kdump: loaded Not tainted 6.19.0-0.rc7.260128g1f97d9dcf5364.49.eln154.x86_64 #1 PREEMPT(lazy)

Hardware name: [...]

RIP: 0010:ice_alloc_rx_bufs+0x1cd/0x310 [ice]

Code: 83 6c 24 30 01 66 41 89 47 08 0f 84 c0 00 00 00 41 0f b7 dc 48 8b 44 24 18 48 c1 e3 04 41 bb 00 10 00 00 48 8d 2c 18 8b 04 24 <89> 45 0c 41 8b 4d 00 49 d3 e3 44 3b 5c 24 24 0f 83 ac fe ff ff 44

RSP: 0018:ff7894738aa1f768 EFLAGS: 00010246

RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000

RDX: 0000000000000000 RSI: 0000000000000700 RDI: 0000000000000000

RBP: 0000000000000000 R08: ff16dcae79880200 R09: 0000000000000019

R10: 0000000000000001 R11: 0000000000001000 R12: 0000000000000000

R13: 0000000000000000 R14: 0000000000000000 R15: ff16dcae6c670000

FS: 00007fcf428850c0(0000) GS:ff16dcb149710000(0000) knlGS:0000000000000000

CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033

CR2: 000000000000000c CR3: 0000000121227005 CR4: 0000000000773ef0

PKRU: 55555554

Call Trace:

<TASK>

ice_vsi_cfg_rxq+0xca/0x460 [ice]

ice_vsi_cfg_rxqs+0x54/0x70 [ice]

ice_loopback_test+0xa9/0x520 [ice]

ice_self_test+0x1b9/0x280 [ice]

ethtool_self_test+0xe5/0x200

__dev_ethtool+0x1106/0x1a90

dev_ethtool+0xbe/0x1a0

dev_ioctl+0x258/0x4c0

sock_do_ioctl+0xe3/0x130

__x64_sys_ioctl+0xb9/0x100

do_syscall_64+0x7c/0x700

entry_SYSCALL_64_after_hwframe+0x76/0x7e

[...]

It crashes because we have not initialized libeth for the rx ring.

Fix it by treating ICE_VSI_LB VSIs slightly more like normal PF VSIs and

letting them have a q_vector. It's just a dummy, because the loopback

test does not use interrupts, but it contains a napi struct that can be

passed to libeth_rx_fq_create() called from ice_vsi_cfg_rxq() ->

ice_rxq_pp_create().

NVD Source

Technical Analysis

CVE-2026-23353 requires local access, meaning attackers must already have a foothold on the target system.

Exploitation requires some privileges, which limits the exposure to scenarios where an attacker has already gained initial access.

Affected Vendors & Products

Mentioned vendors (from description):
Linux
CPE data not yet available in NVD for this CVE.

Exploit & PoC Resources

NO KNOWN EXPLOITNo public exploit confirmed at this time
External links open in a new tab. Always verify in a controlled environment before use.

All References (2)

Quick Facts

CVE IDCVE-2026-23353
SeverityNONE
CISA KEVNo
EPSS (30d)0.02%
PublishedMar 25, 2026

Recommended Actions

  • Apply vendor patches immediately
  • Monitor CVE-2026-23353 in threat intel feeds
  • Review IDS/IPS signatures for exploitation attempts
Data sourced from NVD (NIST), CISA KEV, and EPSS (FIRST). Analysis generated by CTIWATCH.COM. CVE data is provided under the NVD usage policy.