{"api_version":"1","generated_at":"2026-04-22T05:31:14+00:00","cve":"CVE-2026-23445","urls":{"html":"https://cve.report/CVE-2026-23445","api":"https://cve.report/api/cve/CVE-2026-23445.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2026-23445","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2026-23445"},"summary":{"title":"igc: fix page fault in XDP TX timestamps handling","description":"In the Linux kernel, the following vulnerability has been resolved:\n\nigc: fix page fault in XDP TX timestamps handling\n\nIf an XDP application that requested TX timestamping is shutting down\nwhile the link of the interface in use is still up the following kernel\nsplat is reported:\n\n[  883.803618] [   T1554] BUG: unable to handle page fault for address: ffffcfb6200fd008\n...\n[  883.803650] [   T1554] Call Trace:\n[  883.803652] [   T1554]  <TASK>\n[  883.803654] [   T1554]  igc_ptp_tx_tstamp_event+0xdf/0x160 [igc]\n[  883.803660] [   T1554]  igc_tsync_interrupt+0x2d5/0x300 [igc]\n...\n\nDuring shutdown of the TX ring the xsk_meta pointers are left behind, so\nthat the IRQ handler is trying to touch them.\n\nThis issue is now being fixed by cleaning up the stale xsk meta data on\nTX shutdown. TX timestamps on other queues remain unaffected.","state":"PUBLISHED","assigner":"Linux","published_at":"2026-04-03 16:16:30","updated_at":"2026-04-07 13:21:09"},"problem_types":[],"metrics":[],"references":[{"url":"https://git.kernel.org/stable/c/5e4c90c94eb766d70e30694b7fe66862aabaf24b","name":"https://git.kernel.org/stable/c/5e4c90c94eb766d70e30694b7fe66862aabaf24b","refsource":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://git.kernel.org/stable/c/b02fa17d1744d19cd3820bdbf6ec5d85547977bf","name":"https://git.kernel.org/stable/c/b02fa17d1744d19cd3820bdbf6ec5d85547977bf","refsource":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://git.kernel.org/stable/c/45b33e805bd39f615d9353a7194b2da5281332df","name":"https://git.kernel.org/stable/c/45b33e805bd39f615d9353a7194b2da5281332df","refsource":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://git.kernel.org/stable/c/31521c124e6488c4a81658e35199feb75a988d86","name":"https://git.kernel.org/stable/c/31521c124e6488c4a81658e35199feb75a988d86","refsource":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://www.cve.org/CVERecord?id=CVE-2026-23445","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-23445","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[{"source":"CNA","vendor":"Linux","product":"Linux","version":"affected 15fd021bc4270273d8f4b7f58fdda8a16214a377 5e4c90c94eb766d70e30694b7fe66862aabaf24b git","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"affected 15fd021bc4270273d8f4b7f58fdda8a16214a377 31521c124e6488c4a81658e35199feb75a988d86 git","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"affected 15fd021bc4270273d8f4b7f58fdda8a16214a377 b02fa17d1744d19cd3820bdbf6ec5d85547977bf git","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"affected 15fd021bc4270273d8f4b7f58fdda8a16214a377 45b33e805bd39f615d9353a7194b2da5281332df git","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"affected 6.10","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"unaffected 6.10 semver","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"unaffected 6.12.78 6.12.* semver","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"unaffected 6.18.20 6.18.* semver","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"unaffected 6.19.10 6.19.* semver","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"unaffected 7.0-rc5 * original_commit_for_fix","platforms":[]}],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[],"vendor_comments":[],"enrichments":{"kev":null,"epss":{"cve_year":"2026","cve_id":"23445","cve":"CVE-2026-23445","epss":"0.000180000","percentile":"0.044270000","score_date":"2026-04-07","updated_at":"2026-04-08 00:03:39"},"legacy_qids":[]},"source_records":{"cve_program":{"containers":{"cna":{"affected":[{"defaultStatus":"unaffected","product":"Linux","programFiles":["drivers/net/ethernet/intel/igc/igc.h","drivers/net/ethernet/intel/igc/igc_main.c","drivers/net/ethernet/intel/igc/igc_ptp.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","vendor":"Linux","versions":[{"lessThan":"5e4c90c94eb766d70e30694b7fe66862aabaf24b","status":"affected","version":"15fd021bc4270273d8f4b7f58fdda8a16214a377","versionType":"git"},{"lessThan":"31521c124e6488c4a81658e35199feb75a988d86","status":"affected","version":"15fd021bc4270273d8f4b7f58fdda8a16214a377","versionType":"git"},{"lessThan":"b02fa17d1744d19cd3820bdbf6ec5d85547977bf","status":"affected","version":"15fd021bc4270273d8f4b7f58fdda8a16214a377","versionType":"git"},{"lessThan":"45b33e805bd39f615d9353a7194b2da5281332df","status":"affected","version":"15fd021bc4270273d8f4b7f58fdda8a16214a377","versionType":"git"}]},{"defaultStatus":"affected","product":"Linux","programFiles":["drivers/net/ethernet/intel/igc/igc.h","drivers/net/ethernet/intel/igc/igc_main.c","drivers/net/ethernet/intel/igc/igc_ptp.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","vendor":"Linux","versions":[{"status":"affected","version":"6.10"},{"lessThan":"6.10","status":"unaffected","version":"0","versionType":"semver"},{"lessThanOrEqual":"6.12.*","status":"unaffected","version":"6.12.78","versionType":"semver"},{"lessThanOrEqual":"6.18.*","status":"unaffected","version":"6.18.20","versionType":"semver"},{"lessThanOrEqual":"6.19.*","status":"unaffected","version":"6.19.10","versionType":"semver"},{"lessThanOrEqual":"*","status":"unaffected","version":"7.0-rc5","versionType":"original_commit_for_fix"}]}],"cpeApplicability":[{"nodes":[{"cpeMatch":[{"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionEndExcluding":"6.12.78","versionStartIncluding":"6.10","vulnerable":true},{"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionEndExcluding":"6.18.20","versionStartIncluding":"6.10","vulnerable":true},{"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionEndExcluding":"6.19.10","versionStartIncluding":"6.10","vulnerable":true},{"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionEndExcluding":"7.0-rc5","versionStartIncluding":"6.10","vulnerable":true}],"negate":false,"operator":"OR"}]}],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nigc: fix page fault in XDP TX timestamps handling\n\nIf an XDP application that requested TX timestamping is shutting down\nwhile the link of the interface in use is still up the following kernel\nsplat is reported:\n\n[  883.803618] [   T1554] BUG: unable to handle page fault for address: ffffcfb6200fd008\n...\n[  883.803650] [   T1554] Call Trace:\n[  883.803652] [   T1554]  <TASK>\n[  883.803654] [   T1554]  igc_ptp_tx_tstamp_event+0xdf/0x160 [igc]\n[  883.803660] [   T1554]  igc_tsync_interrupt+0x2d5/0x300 [igc]\n...\n\nDuring shutdown of the TX ring the xsk_meta pointers are left behind, so\nthat the IRQ handler is trying to touch them.\n\nThis issue is now being fixed by cleaning up the stale xsk meta data on\nTX shutdown. TX timestamps on other queues remain unaffected."}],"providerMetadata":{"dateUpdated":"2026-04-03T15:15:29.194Z","orgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","shortName":"Linux"},"references":[{"url":"https://git.kernel.org/stable/c/5e4c90c94eb766d70e30694b7fe66862aabaf24b"},{"url":"https://git.kernel.org/stable/c/31521c124e6488c4a81658e35199feb75a988d86"},{"url":"https://git.kernel.org/stable/c/b02fa17d1744d19cd3820bdbf6ec5d85547977bf"},{"url":"https://git.kernel.org/stable/c/45b33e805bd39f615d9353a7194b2da5281332df"}],"title":"igc: fix page fault in XDP TX timestamps handling","x_generator":{"engine":"bippy-1.2.0"}}},"cveMetadata":{"assignerOrgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","assignerShortName":"Linux","cveId":"CVE-2026-23445","datePublished":"2026-04-03T15:15:29.194Z","dateReserved":"2026-01-13T15:37:46.019Z","dateUpdated":"2026-04-03T15:15:29.194Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.2"},"nvd":{"publishedDate":"2026-04-03 16:16:30","lastModifiedDate":"2026-04-07 13:21:09","problem_types":[],"metrics":[],"configurations":[]},"legacy_mitre":{"record":{"CveYear":"2026","CveId":"23445","Ordinal":"1","Title":"igc: fix page fault in XDP TX timestamps handling","CVE":"CVE-2026-23445","Year":"2026"},"notes":[{"CveYear":"2026","CveId":"23445","Ordinal":"1","NoteData":"In the Linux kernel, the following vulnerability has been resolved:\n\nigc: fix page fault in XDP TX timestamps handling\n\nIf an XDP application that requested TX timestamping is shutting down\nwhile the link of the interface in use is still up the following kernel\nsplat is reported:\n\n[  883.803618] [   T1554] BUG: unable to handle page fault for address: ffffcfb6200fd008\n...\n[  883.803650] [   T1554] Call Trace:\n[  883.803652] [   T1554]  <TASK>\n[  883.803654] [   T1554]  igc_ptp_tx_tstamp_event+0xdf/0x160 [igc]\n[  883.803660] [   T1554]  igc_tsync_interrupt+0x2d5/0x300 [igc]\n...\n\nDuring shutdown of the TX ring the xsk_meta pointers are left behind, so\nthat the IRQ handler is trying to touch them.\n\nThis issue is now being fixed by cleaning up the stale xsk meta data on\nTX shutdown. TX timestamps on other queues remain unaffected.","Type":"Description","Title":"igc: fix page fault in XDP TX timestamps handling"}]}}}