Cyber Resilience

CVE-2026-23453

High · Updated

Published: 03 April 2026

Modified: 26 May 2026
KEV Added
Patch
CVSS Score v3.1: 7.5 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
EPSS Score: 0.0006 (18.9th percentile)
Risk Priority: 15 (60% EPSS · 20% KEV · 20% CVSS)

Summary

CVE-2026-23453 is a high-severity Missing Release of Memory after Effective Lifetime (CWE-401) vulnerability in the Linux kernel. Its CVSS base score is 7.5 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Application or System Exploitation (T1499.004). The CVE ranks at the 18.9th percentile by exploit likelihood (below the median) and is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SC-6 (Resource Availability) and SI-2 (Flaw Remediation).

Deeper analysis

CVE-2026-23453 is a memory leak in the Linux kernel's icssg-prueth driver (net: ti: icssg-prueth), which handles networking for Texas Instruments ICSSG PRU Ethernet devices. The issue is in the XDP_DROP path of emac_run_xdp() when the driver operates in non-zero-copy mode (standard page pool mode). Page recycling had been removed from that path to avoid conflicts with AF_XDP zero-copy mode, but as a result dropped pages are never returned to the page pool, which leads to gradual memory exhaustion and potential out-of-memory (OOM) conditions. The vulnerability carries a CVSS v3.1 base score of 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).

Remote attackers can exploit this vulnerability over the network with low complexity and with no privileges or user interaction required. By sending traffic that an XDP program drops in non-zero-copy mode, an attacker can repeatedly leak pages, leading to memory exhaustion, invocation of the OOM killer, and potential denial of service through system instability or crashes.

The kernel fix commits resolve the issue by moving cleanup responsibility to the caller, emac_rx_packet(). When emac_run_xdp() returns ICSSG_XDP_CONSUMED for XDP_DROP, the caller now recycles the page back to the page pool. The zero-copy path in emac_rx_packet_zc() already handles cleanup correctly via xsk_buff_free(). Security practitioners should apply the stable kernel fixes from the referenced commits: https://git.kernel.org/stable/c/719d3e71691db7c4f1658ba5a6d1472928121594 and https://git.kernel.org/stable/c/d16d57dedcb69c1a1257e0638f8698ce1f0ccbe5.
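The ownership rule behind the fix can be seen in a small userspace model. This is an added example, not code from the icssg-prueth driver or the referenced commits; the pool size, the drop-every-other-packet policy and all `MODEL_*`, `pool_*` and `rx_packet` names are assumptions made for illustration.

```c
/* Userspace model of the page-ownership bug; NOT the icssg-prueth source. */
#include <stdio.h>
#define POOL_PAGES 8                          /* constructed pool size */
enum verdict { MODEL_PASS, MODEL_CONSUMED };  /* MODEL_CONSUMED ~ ICSSG_XDP_CONSUMED */
struct pool { int free_pages; };

static int pool_alloc(struct pool *p)
{
    if (p->free_pages == 0)
        return -1;                            /* exhausted: the OOM analogue */
    p->free_pages--;
    return 0;
}
static void pool_recycle(struct pool *p) { p->free_pages++; }

/* Stands in for emac_run_xdp(): drops even-numbered packets and, as in the
 * driver after recycling was removed, does not return the page itself. */
static enum verdict run_xdp(int pkt) { return pkt % 2 == 0 ? MODEL_CONSUMED : MODEL_PASS; }

/* Stands in for emac_rx_packet(). caller_recycles=0 models the leaking
 * behaviour, caller_recycles=1 models the fixed behaviour. */
static int rx_packet(struct pool *p, int pkt, int caller_recycles)
{
    if (pool_alloc(p) < 0)
        return -1;
    if (run_xdp(pkt) == MODEL_CONSUMED) {
        if (caller_recycles)
            pool_recycle(p);                  /* the fix: caller returns the page */
        return 0;
    }
    pool_recycle(p);                          /* PASS: modelled as the stack freeing it */
    return 0;
}

/* Packets received before the pool runs dry, or n if it never does. */
int packets_until_exhaustion(int caller_recycles, int n)
{
    struct pool p = { POOL_PAGES };
    for (int i = 0; i < n; i++)
        if (rx_packet(&p, i, caller_recycles) < 0)
            return i;
    return n;
}

int main(void)
{
    printf("leaking: %d, fixed: %d\n", packets_until_exhaustion(0, 1000),
           packets_until_exhaustion(1, 1000));
    return 0;
}
```

In the model, every dropped packet permanently removes one page when the caller does not recycle, so the pool empties after a number of drops equal to its size regardless of how much passing traffic is interleaved.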

EU & UK References

Vulnerability details

In the Linux kernel, the following vulnerability has been resolved:

net: ti: icssg-prueth: Fix memory leak in XDP_DROP for non-zero-copy mode

Page recycling was removed from the XDP_DROP path in emac_run_xdp() to avoid conflicts with AF_XDP zero-copy mode, which uses xsk_buff_free() instead. However, this causes a memory leak when running XDP programs that drop packets in non-zero-copy mode (standard page pool mode). The pages are never returned to the page pool, leading to OOM conditions.

Fix this by handling cleanup in the caller, emac_rx_packet(). When emac_run_xdp() returns ICSSG_XDP_CONSUMED for XDP_DROP, the caller now recycles the page back to the page pool. The zero-copy path, emac_rx_packet_zc(), already handles cleanup correctly with xsk_buff_free().

CWE(s)

Related Threats

MITRE ATT&CK Enterprise Techniques AI

T1499.004 Application or System Exploitation (Tactic: Impact)
Adversaries may exploit software vulnerabilities that can cause an application or system to crash and deny availability to users.
Why these techniques?

Memory leak in network driver directly enables remote exploitation for system-wide resource exhaustion and OOM-induced denial of service.

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

CVEs Like This One

CVE-2026-31640 · Same product: Linux Kernel
CVE-2026-23095 · Same product: Linux Kernel
CVE-2026-23350 · Same product: Linux Kernel
CVE-2026-31711 · Same product: Linux Kernel
CVE-2026-23388 · Same product: Linux Kernel
CVE-2026-23242 · Same product: Linux Kernel
CVE-2026-22991 · Same product: Linux Kernel
CVE-2025-21717 · Same product: Linux Kernel
CVE-2026-23444 · Same product: Linux Kernel
CVE-2026-23459 · Same product: Linux Kernel

Affected Assets

linux
linux kernel
7.0 · 6.19 — 6.19.10

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Directly remediates the memory leak vulnerability by requiring timely application of kernel patches that restore page recycling in the icssg-prueth driver's XDP_DROP path for non-zero-copy mode.

prevent

Protects memory resource availability through allocation, de-allocation, and exhaustion prevention mechanisms, countering the gradual page pool depletion leading to OOM in the affected driver.

prevent

Limits the effects of remote DoS attacks exploiting the memory leak by implementing controls to prevent or mitigate network-induced resource exhaustion.

References