{"id":"CVE-2026-23274","summary":"netfilter: xt_IDLETIMER: reject rev0 reuse of ALARM timer labels","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: xt_IDLETIMER: reject rev0 reuse of ALARM timer labels\n\nIDLETIMER revision 0 rules reuse existing timers by label and always call\nmod_timer() on timer-\u003etimer.\n\nIf the label was created first by revision 1 with XT_IDLETIMER_ALARM,\nthe object uses alarm timer semantics and timer-\u003etimer is never initialized.\nReusing that object from revision 0 causes mod_timer() on an uninitialized\ntimer_list, triggering debugobjects warnings and possible panic when\npanic_on_warn=1.\n\nFix this by rejecting revision 0 rule insertion when an existing timer with\nthe same label is of ALARM type.","modified":"2026-04-16T08:44:13.043142309Z","published":"2026-03-20T08:08:54.918Z","related":["SUSE-SU-2026:1342-1"],"database_specific":{"osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/23xxx/CVE-2026-23274.json","cna_assigner":"Linux"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/28c7cfaf0c0ab17cbd7754092116fd1af45271f9"},{"type":"WEB","url":"https://git.kernel.org/stable/c/329f0b9b48ee6ab59d1ab72fef55fe8c6463a6cf"},{"type":"WEB","url":"https://git.kernel.org/stable/c/54080355999381fed4a26129579a5765bab87491"},{"type":"WEB","url":"https://git.kernel.org/stable/c/5e7ece24c5cb75a60402aad4d803c7898ea40aa9"},{"type":"WEB","url":"https://git.kernel.org/stable/c/f228b9ae2a7e84d1153616d8e71c4236cb1f1309"},{"type":"WEB","url":"https://git.kernel.org/stable/c/f5ef97c13165542480a6ffdbe6f09f40bbb7cbf1"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/23xxx/CVE-2026-23274.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-23274"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"68983a354a655c35d3fb204489d383a2a051fda7"},{"fixed":"28c7cfaf0c0ab17cbd7754092116fd1af45271f9"},{"fixed":"54080355999381fed4a26129579a5765bab87491"},{"fixed":"5e7ece24c5cb75a60402aad4d803c7898ea40aa9"},{"fixed":"f5ef97c13165542480a6ffdbe6f09f40bbb7cbf1"},{"fixed":"f228b9ae2a7e84d1153616d8e71c4236cb1f1309"},{"fixed":"329f0b9b48ee6ab59d1ab72fef55fe8c6463a6cf"}]}],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-23274.json"}},{"package":{"name":"Kernel","ecosystem":"Linux"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"5.7.0"},{"fixed":"6.1.167"}]},{"type":"ECOSYSTEM","events":[{"introduced":"6.2.0"},{"fixed":"6.6.130"}]},{"type":"ECOSYSTEM","events":[{"introduced":"6.7.0"},{"fixed":"6.12.78"}]},{"type":"ECOSYSTEM","events":[{"introduced":"6.13.0"},{"fixed":"6.18.19"}]},{"type":"ECOSYSTEM","events":[{"introduced":"6.19.0"},{"fixed":"6.19.9"}]}],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-23274.json"}}],"schema_version":"1.7.5"}