{"api_version":"1","generated_at":"2026-04-24T02:48:01+00:00","cve":"CVE-2026-23329","urls":{"html":"https://cve.report/CVE-2026-23329","api":"https://cve.report/api/cve/CVE-2026-23329.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2026-23329","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2026-23329"},"summary":{"title":"libie: don't unroll if fwlog isn't supported","description":"In the Linux kernel, the following vulnerability has been resolved:\n\nlibie: don't unroll if fwlog isn't supported\n\nThe libie_fwlog_deinit() function can be called during driver unload\neven when firmware logging was never properly initialized. This led to call\ntrace:\n\n[  148.576156] Oops: Oops: 0000 [#1] SMP NOPTI\n[  148.576167] CPU: 80 UID: 0 PID: 12843 Comm: rmmod Kdump: loaded Not tainted 6.17.0-rc7next-queue-3oct-01915-g06d79d51cf51 #1 PREEMPT(full)\n[  148.576177] Hardware name: HPE ProLiant DL385 Gen10 Plus/ProLiant DL385 Gen10 Plus, BIOS A42 07/18/2020\n[  148.576182] RIP: 0010:__dev_printk+0x16/0x70\n[  148.576196] Code: 1f 44 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 44 00 00 41 55 41 54 49 89 d4 55 48 89 fd 53 48 85 f6 74 3c <4c> 8b 6e 50 48 89 f3 4d 85 ed 75 03 4c 8b 2e 48 89 df e8 f3 27 98\n[  148.576204] RSP: 0018:ffffd2fd7ea17a48 EFLAGS: 00010202\n[  148.576211] RAX: ffffd2fd7ea17aa0 RBX: ffff8eb288ae2000 RCX: 0000000000000000\n[  148.576217] RDX: ffffd2fd7ea17a70 RSI: 00000000000000c8 RDI: ffffffffb68d3d88\n[  148.576222] RBP: ffffffffb68d3d88 R08: 0000000000000000 R09: 0000000000000000\n[  148.576227] R10: 00000000000000c8 R11: ffff8eb2b1a49400 R12: ffffd2fd7ea17a70\n[  148.576231] R13: ffff8eb3141fb000 R14: ffffffffc1215b48 R15: ffffffffc1215bd8\n[  148.576236] FS:  00007f5666ba6740(0000) GS:ffff8eb2472b9000(0000) knlGS:0000000000000000\n[  148.576242] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[  148.576247] CR2: 0000000000000118 CR3: 000000011ad17000 CR4: 0000000000350ef0\n[  148.576252] Call Trace:\n[  148.576258]  <TASK>\n[  148.576269]  _dev_warn+0x7c/0x96\n[  148.576290]  libie_fwlog_deinit+0x112/0x117 [libie_fwlog]\n[  148.576303]  ixgbe_remove+0x63/0x290 [ixgbe]\n[  148.576342]  pci_device_remove+0x42/0xb0\n[  148.576354]  device_release_driver_internal+0x19c/0x200\n[  148.576365]  driver_detach+0x48/0x90\n[  148.576372]  bus_remove_driver+0x6d/0xf0\n[  148.576383]  pci_unregister_driver+0x2e/0xb0\n[  148.576393]  ixgbe_exit_module+0x1c/0xd50 [ixgbe]\n[  148.576430]  __do_sys_delete_module.isra.0+0x1bc/0x2e0\n[  148.576446]  do_syscall_64+0x7f/0x980\n\nIt can be reproduced by trying to unload ixgbe driver in recovery mode.\n\nFix that by checking if fwlog is supported before doing unroll.","state":"PUBLISHED","assigner":"Linux","published_at":"2026-03-25 11:16:30","updated_at":"2026-04-23 21:10:55"},"problem_types":["NVD-CWE-noinfo"],"metrics":[{"version":"3.1","source":"nvd@nist.gov","type":"Primary","score":"5.5","severity":"MEDIUM","vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","data":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"}}],"references":[{"url":"https://git.kernel.org/stable/c/0138d1cdb19fa49181a5aaba32427f1787cb3935","name":"https://git.kernel.org/stable/c/0138d1cdb19fa49181a5aaba32427f1787cb3935","refsource":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://git.kernel.org/stable/c/460c56ecbef57684aad1d6af525b89dcd3565701","name":"https://git.kernel.org/stable/c/460c56ecbef57684aad1d6af525b89dcd3565701","refsource":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://git.kernel.org/stable/c/636cc3bd12f499c74eaf5dc9a7d5b832f1bb24ed","name":"https://git.kernel.org/stable/c/636cc3bd12f499c74eaf5dc9a7d5b832f1bb24ed","refsource":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://www.cve.org/CVERecord?id=CVE-2026-23329","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-23329","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[{"source":"CNA","vendor":"Linux","product":"Linux","version":"affected 641585bc978e0a1170ca8f12fbb1468b3874a2db 0138d1cdb19fa49181a5aaba32427f1787cb3935 git","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"affected 641585bc978e0a1170ca8f12fbb1468b3874a2db 460c56ecbef57684aad1d6af525b89dcd3565701 git","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"affected 641585bc978e0a1170ca8f12fbb1468b3874a2db 636cc3bd12f499c74eaf5dc9a7d5b832f1bb24ed git","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"affected 6.18","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"unaffected 6.18 semver","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"unaffected 6.18.17 6.18.* semver","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"unaffected 6.19.7 6.19.* semver","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"unaffected 7.0 * original_commit_for_fix","platforms":[]}],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2026","cve_id":"23329","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"linux","cpe5":"linux_kernel","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"containers":{"cna":{"affected":[{"defaultStatus":"unaffected","product":"Linux","programFiles":["drivers/net/ethernet/intel/libie/fwlog.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","vendor":"Linux","versions":[{"lessThan":"0138d1cdb19fa49181a5aaba32427f1787cb3935","status":"affected","version":"641585bc978e0a1170ca8f12fbb1468b3874a2db","versionType":"git"},{"lessThan":"460c56ecbef57684aad1d6af525b89dcd3565701","status":"affected","version":"641585bc978e0a1170ca8f12fbb1468b3874a2db","versionType":"git"},{"lessThan":"636cc3bd12f499c74eaf5dc9a7d5b832f1bb24ed","status":"affected","version":"641585bc978e0a1170ca8f12fbb1468b3874a2db","versionType":"git"}]},{"defaultStatus":"affected","product":"Linux","programFiles":["drivers/net/ethernet/intel/libie/fwlog.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","vendor":"Linux","versions":[{"status":"affected","version":"6.18"},{"lessThan":"6.18","status":"unaffected","version":"0","versionType":"semver"},{"lessThanOrEqual":"6.18.*","status":"unaffected","version":"6.18.17","versionType":"semver"},{"lessThanOrEqual":"6.19.*","status":"unaffected","version":"6.19.7","versionType":"semver"},{"lessThanOrEqual":"*","status":"unaffected","version":"7.0","versionType":"original_commit_for_fix"}]}],"cpeApplicability":[{"nodes":[{"cpeMatch":[{"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionEndExcluding":"6.18.17","versionStartIncluding":"6.18","vulnerable":true},{"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionEndExcluding":"6.19.7","versionStartIncluding":"6.18","vulnerable":true},{"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionEndExcluding":"7.0","versionStartIncluding":"6.18","vulnerable":true}],"negate":false,"operator":"OR"}]}],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nlibie: don't unroll if fwlog isn't supported\n\nThe libie_fwlog_deinit() function can be called during driver unload\neven when firmware logging was never properly initialized. This led to call\ntrace:\n\n[  148.576156] Oops: Oops: 0000 [#1] SMP NOPTI\n[  148.576167] CPU: 80 UID: 0 PID: 12843 Comm: rmmod Kdump: loaded Not tainted 6.17.0-rc7next-queue-3oct-01915-g06d79d51cf51 #1 PREEMPT(full)\n[  148.576177] Hardware name: HPE ProLiant DL385 Gen10 Plus/ProLiant DL385 Gen10 Plus, BIOS A42 07/18/2020\n[  148.576182] RIP: 0010:__dev_printk+0x16/0x70\n[  148.576196] Code: 1f 44 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 44 00 00 41 55 41 54 49 89 d4 55 48 89 fd 53 48 85 f6 74 3c <4c> 8b 6e 50 48 89 f3 4d 85 ed 75 03 4c 8b 2e 48 89 df e8 f3 27 98\n[  148.576204] RSP: 0018:ffffd2fd7ea17a48 EFLAGS: 00010202\n[  148.576211] RAX: ffffd2fd7ea17aa0 RBX: ffff8eb288ae2000 RCX: 0000000000000000\n[  148.576217] RDX: ffffd2fd7ea17a70 RSI: 00000000000000c8 RDI: ffffffffb68d3d88\n[  148.576222] RBP: ffffffffb68d3d88 R08: 0000000000000000 R09: 0000000000000000\n[  148.576227] R10: 00000000000000c8 R11: ffff8eb2b1a49400 R12: ffffd2fd7ea17a70\n[  148.576231] R13: ffff8eb3141fb000 R14: ffffffffc1215b48 R15: ffffffffc1215bd8\n[  148.576236] FS:  00007f5666ba6740(0000) GS:ffff8eb2472b9000(0000) knlGS:0000000000000000\n[  148.576242] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[  148.576247] CR2: 0000000000000118 CR3: 000000011ad17000 CR4: 0000000000350ef0\n[  148.576252] Call Trace:\n[  148.576258]  <TASK>\n[  148.576269]  _dev_warn+0x7c/0x96\n[  148.576290]  libie_fwlog_deinit+0x112/0x117 [libie_fwlog]\n[  148.576303]  ixgbe_remove+0x63/0x290 [ixgbe]\n[  148.576342]  pci_device_remove+0x42/0xb0\n[  148.576354]  device_release_driver_internal+0x19c/0x200\n[  148.576365]  driver_detach+0x48/0x90\n[  148.576372]  bus_remove_driver+0x6d/0xf0\n[  148.576383]  pci_unregister_driver+0x2e/0xb0\n[  148.576393]  ixgbe_exit_module+0x1c/0xd50 [ixgbe]\n[  148.576430]  __do_sys_delete_module.isra.0+0x1bc/0x2e0\n[  148.576446]  do_syscall_64+0x7f/0x980\n\nIt can be reproduced by trying to unload ixgbe driver in recovery mode.\n\nFix that by checking if fwlog is supported before doing unroll."}],"providerMetadata":{"dateUpdated":"2026-04-13T06:05:08.319Z","orgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","shortName":"Linux"},"references":[{"url":"https://git.kernel.org/stable/c/0138d1cdb19fa49181a5aaba32427f1787cb3935"},{"url":"https://git.kernel.org/stable/c/460c56ecbef57684aad1d6af525b89dcd3565701"},{"url":"https://git.kernel.org/stable/c/636cc3bd12f499c74eaf5dc9a7d5b832f1bb24ed"}],"title":"libie: don't unroll if fwlog isn't supported","x_generator":{"engine":"bippy-1.2.0"}}},"cveMetadata":{"assignerOrgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","assignerShortName":"Linux","cveId":"CVE-2026-23329","datePublished":"2026-03-25T10:27:21.212Z","dateReserved":"2026-01-13T15:37:45.996Z","dateUpdated":"2026-04-13T06:05:08.319Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.2"},"nvd":{"publishedDate":"2026-03-25 11:16:30","lastModifiedDate":"2026-04-23 21:10:55","problem_types":["NVD-CWE-noinfo"],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":3.6}]},"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.18.1","versionEndExcluding":"6.18.17","matchCriteriaId":"07E9D8CD-82F0-4CC6-8038-BF71758D583C"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.19","versionEndExcluding":"6.19.7","matchCriteriaId":"69245D10-0B71-485E-80C3-A64F077004D3"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:6.18:-:*:*:*:*:*:*","matchCriteriaId":"DCE57113-2223-4308-A0F2-5E6ECFBB3C23"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.0:rc1:*:*:*:*:*:*","matchCriteriaId":"F253B622-8837-4245-BCE5-A7BF8FC76A16"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.0:rc2:*:*:*:*:*:*","matchCriteriaId":"4AE85AD8-4641-4E7C-A2F4-305E2CD9EE64"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.0:rc3:*:*:*:*:*:*","matchCriteriaId":"F666C8D8-6538-46D4-B318-87610DE64C34"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.0:rc4:*:*:*:*:*:*","matchCriteriaId":"02259FDA-961B-47BC-AE7F-93D7EC6E90C2"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.0:rc5:*:*:*:*:*:*","matchCriteriaId":"58A9FEFF-C040-420D-8F0A-BFDAAA1DF258"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.0:rc6:*:*:*:*:*:*","matchCriteriaId":"1D2315C0-D46F-4F85-9754-F9E5E11374A6"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.0:rc7:*:*:*:*:*:*","matchCriteriaId":"512EE3A8-A590-4501-9A94-5D4B268D6138"}]}]}]},"legacy_mitre":{"record":{"CveYear":"2026","CveId":"23329","Ordinal":"1","Title":"libie: don't unroll if fwlog isn't supported","CVE":"CVE-2026-23329","Year":"2026"},"notes":[{"CveYear":"2026","CveId":"23329","Ordinal":"1","NoteData":"In the Linux kernel, the following vulnerability has been resolved:\n\nlibie: don't unroll if fwlog isn't supported\n\nThe libie_fwlog_deinit() function can be called during driver unload\neven when firmware logging was never properly initialized. This led to call\ntrace:\n\n[  148.576156] Oops: Oops: 0000 [#1] SMP NOPTI\n[  148.576167] CPU: 80 UID: 0 PID: 12843 Comm: rmmod Kdump: loaded Not tainted 6.17.0-rc7next-queue-3oct-01915-g06d79d51cf51 #1 PREEMPT(full)\n[  148.576177] Hardware name: HPE ProLiant DL385 Gen10 Plus/ProLiant DL385 Gen10 Plus, BIOS A42 07/18/2020\n[  148.576182] RIP: 0010:__dev_printk+0x16/0x70\n[  148.576196] Code: 1f 44 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 44 00 00 41 55 41 54 49 89 d4 55 48 89 fd 53 48 85 f6 74 3c <4c> 8b 6e 50 48 89 f3 4d 85 ed 75 03 4c 8b 2e 48 89 df e8 f3 27 98\n[  148.576204] RSP: 0018:ffffd2fd7ea17a48 EFLAGS: 00010202\n[  148.576211] RAX: ffffd2fd7ea17aa0 RBX: ffff8eb288ae2000 RCX: 0000000000000000\n[  148.576217] RDX: ffffd2fd7ea17a70 RSI: 00000000000000c8 RDI: ffffffffb68d3d88\n[  148.576222] RBP: ffffffffb68d3d88 R08: 0000000000000000 R09: 0000000000000000\n[  148.576227] R10: 00000000000000c8 R11: ffff8eb2b1a49400 R12: ffffd2fd7ea17a70\n[  148.576231] R13: ffff8eb3141fb000 R14: ffffffffc1215b48 R15: ffffffffc1215bd8\n[  148.576236] FS:  00007f5666ba6740(0000) GS:ffff8eb2472b9000(0000) knlGS:0000000000000000\n[  148.576242] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[  148.576247] CR2: 0000000000000118 CR3: 000000011ad17000 CR4: 0000000000350ef0\n[  148.576252] Call Trace:\n[  148.576258]  <TASK>\n[  148.576269]  _dev_warn+0x7c/0x96\n[  148.576290]  libie_fwlog_deinit+0x112/0x117 [libie_fwlog]\n[  148.576303]  ixgbe_remove+0x63/0x290 [ixgbe]\n[  148.576342]  pci_device_remove+0x42/0xb0\n[  148.576354]  device_release_driver_internal+0x19c/0x200\n[  148.576365]  driver_detach+0x48/0x90\n[  148.576372]  bus_remove_driver+0x6d/0xf0\n[  148.576383]  pci_unregister_driver+0x2e/0xb0\n[  148.576393]  ixgbe_exit_module+0x1c/0xd50 [ixgbe]\n[  148.576430]  __do_sys_delete_module.isra.0+0x1bc/0x2e0\n[  148.576446]  do_syscall_64+0x7f/0x980\n\nIt can be reproduced by trying to unload ixgbe driver in recovery mode.\n\nFix that by checking if fwlog is supported before doing unroll.","Type":"Description","Title":"libie: don't unroll if fwlog isn't supported"}]}}}