{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-21T04:55:51.641","vulnerabilities":[{"cve":{"id":"CVE-2026-23459","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2026-04-03T16:16:32.833","lastModified":"2026-04-07T13:21:09.600","vulnStatus":"Awaiting Analysis","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nip_tunnel: adapt iptunnel_xmit_stats() to NETDEV_PCPU_STAT_DSTATS\n\nBlamed commits forgot that vxlan/geneve use udp_tunnel[6]_xmit_skb() which\ncall iptunnel_xmit_stats().\n\niptunnel_xmit_stats() was assuming tunnels were only using\nNETDEV_PCPU_STAT_TSTATS.\n\n@syncp offset in pcpu_sw_netstats and pcpu_dstats is different.\n\n32bit kernels would either have corruptions or freezes if the syncp\nsequence was overwritten.\n\nThis patch also moves pcpu_stat_type closer to dev->{t,d}stats to avoid\na potential cache line miss since iptunnel_xmit_stats() needs to read it."}],"metrics":{},"references":[{"url":"https://git.kernel.org/stable/c/0d087d00161f562d5047cc4009bb0c6a19daf9f1","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67"},{"url":"https://git.kernel.org/stable/c/8431c602f551549f082bbfa67f3003f2d8e3e132","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67"}]}}]}