PatchSiren cyber security CVE debrief
CVE-2026-23379 Linux CVE debrief
A divide by zero vulnerability was found in the Linux kernel's net/sched: ets offload path. This vulnerability can cause a kernel panic. The issue arises from using unsigned integers for 'q_sum' and 'q_psum', which can overflow and cause division by zero. Affected systems include those running Linux kernel versions 5.6.1 to 5.10.253, 5.11 to 5.15.203, 5.16 to 6.1.167, 6.2 to 6.6.130, 6.7 to 6.12.77, 6.13 to 6.18.17, and 6.19 to 6.19.7.
- Vendor
- Linux
- Product
- Unknown
- CVSS
- MEDIUM 5.5
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-03-25
- Original CVE updated
- 2026-07-14
- Advisory published
- 2026-03-25
- Advisory updated
- 2026-07-14
Who should care
System administrators and users of Linux kernel versions 5.6.1 to 5.10.253, 5.11 to 5.15.203, 5.16 to 6.1.167, 6.2 to 6.6.130, 6.7 to 6.12.77, 6.13 to 6.18.17, and 6.19 to 6.19.7 should be aware of this vulnerability.
Technical summary
The vulnerability is caused by using unsigned integers for 'q_sum' and 'q_psum' in the ets offload path of the Linux kernel. This can lead to an overflow and division by zero, causing a kernel panic. The issue can be fixed by using 64-bit integers for 'q_sum' and 'q_psum'. System administrators should update Linux kernel to version 5.10.254 or later, 5.15.204 or later, 6.1.168 or later, 6.6.131 or later, 6.7 or later, 6.12.78 or later, 6.18.18 or later, or 6.19.8 or later.
Defensive priority
Medium
Recommended defensive actions
- Update Linux kernel to version 5.10.254 or later, 5.15.204 or later, 6.1.168 or later, 6.6.131 or later, 6.7 or later, 6.12.78 or later, 6.18.18 or later, or 6.19.8 or later
- Apply patches from Linux kernel stable branches
- Monitor system logs for signs of kernel panics
- Review compensating controls for exposed systems while remediation is scheduled and verified
- Check relevant monitoring, detection, and logs for exposed assets that need extra review
- Track exceptions, retest remediated assets, and close the item only after evidence is documented
- Confirm whether affected product deployments exist in managed environments and assign an owner for follow-up
Evidence notes
The CVE record was published on 2026-03-25T11:16:37.827Z and last modified on 2026-07-14T13:18:31.703Z. The NVD entry is currently Modified. This vulnerability affects Linux kernel versions 5.6.1 to 5.10.253, 5.11 to 5.15.203, 5.16 to 6.1.167, 6.2 to 6.6.130, 6.7 to 6.12.77, 6.13 to 6.18.17, and 6.19 to 6.19.7. Defenders should verify system configurations and review logs for signs of kernel panics.
Official resources
-
CVE-2026-23379 CVE record
CVE.org
-
CVE-2026-23379 NVD detail
NVD
-
Source item URL
nvd_modified
-
Mitigation or vendor reference
416baaa9-dc9f-4396-8d5f-8c081fb06d67 - Patch
-
Mitigation or vendor reference
416baaa9-dc9f-4396-8d5f-8c081fb06d67 - Patch
-
Mitigation or vendor reference
416baaa9-dc9f-4396-8d5f-8c081fb06d67 - Patch
-
Mitigation or vendor reference
416baaa9-dc9f-4396-8d5f-8c081fb06d67 - Patch
-
Mitigation or vendor reference
416baaa9-dc9f-4396-8d5f-8c081fb06d67 - Patch
-
Mitigation or vendor reference
416baaa9-dc9f-4396-8d5f-8c081fb06d67 - Patch
-
Mitigation or vendor reference
416baaa9-dc9f-4396-8d5f-8c081fb06d67 - Patch
AI-assisted PatchSiren debrief based on the supplied source corpus. The CVE record was published on 2026-03-25T11:16:37.827Z and has not been modified since then.