Vulnerability-Lookup

CVE-2026-23352 (GCVE-0-2026-23352)

Vulnerability from cvelistv5 – Published: 2026-03-25 10:27 – Updated: 2026-03-25 10:27

Title

x86/efi: defer freeing of boot services memory

Summary

In the Linux kernel, the following vulnerability has been resolved: x86/efi: defer freeing of boot services memory efi_free_boot_services() frees memory occupied by EFI_BOOT_SERVICES_CODE and EFI_BOOT_SERVICES_DATA using memblock_free_late(). There are two issue with that: memblock_free_late() should be used for memory allocated with memblock_alloc() while the memory reserved with memblock_reserve() should be freed with free_reserved_area(). More acutely, with CONFIG_DEFERRED_STRUCT_PAGE_INIT=y efi_free_boot_services() is called before deferred initialization of the memory map is complete. Benjamin Herrenschmidt reports that this causes a leak of ~140MB of RAM on EC2 t3a.nano instances which only have 512MB or RAM. If the freed memory resides in the areas that memory map for them is still uninitialized, they won't be actually freed because memblock_free_late() calls memblock_free_pages() and the latter skips uninitialized pages. Using free_reserved_area() at this point is also problematic because __free_page() accesses the buddy of the freed page and that again might end up in uninitialized part of the memory map. Delaying the entire efi_free_boot_services() could be problematic because in addition to freeing boot services memory it updates efi.memmap without any synchronization and that's undesirable late in boot when there is concurrency. More robust approach is to only defer freeing of the EFI boot services memory. Split efi_free_boot_services() in two. First efi_unmap_boot_services() collects ranges that should be freed into an array then efi_free_boot_services() later frees them after deferred init is complete.

Severity ?

No CVSS data available.

Assigner

Linux

References

URL

WID-SEC-W-2026-0861

Vulnerability from csaf_certbund - Published: 2026-03-24 23:00 - Updated: 2026-03-25 23:00

Summary

Linux Kernel: Mehrere Schwachstellen

Severity

Hoch

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung: Der Kernel stellt den Kern des Linux Betriebssystems dar.

Angriff: Ein Angreifer kann mehrere Schwachstellen in Linux Kernel ausnutzen, um einen Denial of Service zu verursachen, Sicherheitsmaßnahmen zu umgehen, Informationen offenzulegen, weitere nicht spezifizierte Auswirkungen zu verursachen und potentiell Code auszuführen.

Betroffene Betriebssysteme: - Linux

CVE-2026-23279

CVE-2026-23280

CVE-2026-23281

CVE-2026-23282

CVE-2026-23283

CVE-2026-23284

CVE-2026-23285

CVE-2026-23286

CVE-2026-23287

CVE-2026-23288

CVE-2026-23289

CVE-2026-23290

CVE-2026-23291

CVE-2026-23292

CVE-2026-23293

CVE-2026-23294

CVE-2026-23295

CVE-2026-23296

CVE-2026-23297

CVE-2026-23298

CVE-2026-23299

CVE-2026-23300

CVE-2026-23301

CVE-2026-23302

CVE-2026-23303

CVE-2026-23304

CVE-2026-23305

CVE-2026-23306

CVE-2026-23307

CVE-2026-23308

CVE-2026-23309

CVE-2026-23310

CVE-2026-23311

CVE-2026-23312

CVE-2026-23313

CVE-2026-23314

CVE-2026-23315

CVE-2026-23316

CVE-2026-23317

CVE-2026-23318

CVE-2026-23319

CVE-2026-23320

CVE-2026-23321

CVE-2026-23322

CVE-2026-23323

CVE-2026-23324

CVE-2026-23325

CVE-2026-23326

CVE-2026-23327

CVE-2026-23328

CVE-2026-23329

CVE-2026-23330

CVE-2026-23331

CVE-2026-23332

CVE-2026-23333

CVE-2026-23334

CVE-2026-23335

CVE-2026-23336

CVE-2026-23337

CVE-2026-23338

CVE-2026-23339

CVE-2026-23340

CVE-2026-23341

CVE-2026-23342

CVE-2026-23343

CVE-2026-23344

CVE-2026-23345

CVE-2026-23346

CVE-2026-23347

CVE-2026-23348

CVE-2026-23349

CVE-2026-23350

CVE-2026-23351

CVE-2026-23352

CVE-2026-23353

CVE-2026-23354

CVE-2026-23355

CVE-2026-23356

CVE-2026-23357

CVE-2026-23358

CVE-2026-23359

CVE-2026-23360

CVE-2026-23361

CVE-2026-23362

CVE-2026-23363

CVE-2026-23364

CVE-2026-23365

CVE-2026-23366

CVE-2026-23367

CVE-2026-23368

CVE-2026-23369

CVE-2026-23370

CVE-2026-23371

CVE-2026-23372

CVE-2026-23373

CVE-2026-23374

CVE-2026-23375

CVE-2026-23376

CVE-2026-23377

CVE-2026-23378

CVE-2026-23379

CVE-2026-23380

CVE-2026-23381

CVE-2026-23382

CVE-2026-23383

CVE-2026-23384

CVE-2026-23385

CVE-2026-23386

CVE-2026-23387

CVE-2026-23388

CVE-2026-23389

CVE-2026-23390

CVE-2026-23391

CVE-2026-23392

CVE-2026-23393

CVE-2026-23394

CVE-2026-23395

References

URL

Category

	https://wid.cert-bund.de/.well-known/csaf/white/2…	self
	https://wid.cert-bund.de/portal/wid/securityadvis…	self
	https://lore.kernel.org/linux-cve-announce/	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external
	https://lore.kernel.org/linux-cve-announce/202603…	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "hoch"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Der Kernel stellt den Kern des Linux Betriebssystems dar.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein Angreifer kann mehrere Schwachstellen in Linux Kernel ausnutzen, um einen Denial of Service zu verursachen, Sicherheitsma\u00dfnahmen zu umgehen, Informationen offenzulegen, weitere nicht spezifizierte Auswirkungen zu verursachen und potentiell Code auszuf\u00fchren.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Linux",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2026-0861 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2026/wid-sec-w-2026-0861.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2026-0861 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0861"
      },
      {
        "category": "external",
        "summary": "Kernel CVE Announce Mailingliste",
        "url": "https://lore.kernel.org/linux-cve-announce/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23279",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032522-CVE-2026-23279-cf34@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23280",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032523-CVE-2026-23280-cd9e@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23281",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032523-CVE-2026-23281-2e62@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23282",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032523-CVE-2026-23282-bad0@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23283",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032523-CVE-2026-23283-3d92@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23284",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032523-CVE-2026-23284-ca53@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23285",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032524-CVE-2026-23285-ad41@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23286",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032524-CVE-2026-23286-8a7e@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23287",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032524-CVE-2026-23287-93b2@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23288",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032524-CVE-2026-23288-1d11@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23289",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032524-CVE-2026-23289-aa54@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23290",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032525-CVE-2026-23290-af97@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23291",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032525-CVE-2026-23291-eae3@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23292",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032525-CVE-2026-23292-67e8@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23293",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032525-CVE-2026-23293-b422@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23294",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032525-CVE-2026-23294-1682@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23295",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032526-CVE-2026-23295-59d2@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23296",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032526-CVE-2026-23296-eb4a@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23297",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032526-CVE-2026-23297-bcad@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23298",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032526-CVE-2026-23298-fad9@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23299",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032526-CVE-2026-23299-6471@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23300",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032526-CVE-2026-23300-9bc4@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23301",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032527-CVE-2026-23301-09e7@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23302",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032527-CVE-2026-23302-e03d@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23303",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032527-CVE-2026-23303-8e38@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23304",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032527-CVE-2026-23304-485b@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23305",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032527-CVE-2026-23305-5fa4@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23306",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032528-CVE-2026-23306-8854@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23307",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032528-CVE-2026-23307-60f2@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23308",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032528-CVE-2026-23308-1e72@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23309",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032528-CVE-2026-23309-4243@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23310",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032528-CVE-2026-23310-9b67@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23311",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032529-CVE-2026-23311-8c0b@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23312",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032529-CVE-2026-23312-2b11@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23313",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032529-CVE-2026-23313-925e@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23314",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032529-CVE-2026-23314-166c@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23315",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032529-CVE-2026-23315-9ac1@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23316",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032530-CVE-2026-23316-2ce3@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23317",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032530-CVE-2026-23317-0e9e@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23318",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032530-CVE-2026-23318-bef0@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23319",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032530-CVE-2026-23319-1e3d@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23320",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032530-CVE-2026-23320-0ae7@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23321",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032530-CVE-2026-23321-6059@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23322",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032531-CVE-2026-23322-9fd3@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23323",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032531-CVE-2026-23323-53db@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23324",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032531-CVE-2026-23324-bc9e@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23325",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032531-CVE-2026-23325-4e3b@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23326",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032531-CVE-2026-23326-ffc6@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23327",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032532-CVE-2026-23327-c497@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23328",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032532-CVE-2026-23328-9600@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23329",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032532-CVE-2026-23329-c743@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23330",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032532-CVE-2026-23330-00fd@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23331",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032532-CVE-2026-23331-735b@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23332",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032533-CVE-2026-23332-50e0@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23333",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032533-CVE-2026-23333-417f@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23334",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032533-CVE-2026-23334-1b12@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23335",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032533-CVE-2026-23335-602d@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23336",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032533-CVE-2026-23336-d365@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23337",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032534-CVE-2026-23337-5018@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23338",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032534-CVE-2026-23338-67c7@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23339",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032534-CVE-2026-23339-263f@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23340",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032534-CVE-2026-23340-1aa9@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23341",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032534-CVE-2026-23341-3f7b@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23342",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032535-CVE-2026-23342-8456@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23343",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032535-CVE-2026-23343-dc2b@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23344",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032535-CVE-2026-23344-0279@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23345",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032535-CVE-2026-23345-c154@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23346",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032535-CVE-2026-23346-faed@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23347",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032536-CVE-2026-23347-fa08@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23348",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032536-CVE-2026-23348-e792@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23349",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032536-CVE-2026-23349-aa6a@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23350",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032536-CVE-2026-23350-f4be@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23351",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032536-CVE-2026-23351-637f@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23352",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032537-CVE-2026-23352-18f2@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23353",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032537-CVE-2026-23353-d0c3@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23354",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032537-CVE-2026-23354-d9b2@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23355",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032537-CVE-2026-23355-86df@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23356",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032537-CVE-2026-23356-0014@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23357",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032538-CVE-2026-23357-605e@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23358",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032538-CVE-2026-23358-1042@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23359",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032538-CVE-2026-23359-35fd@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23360",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032538-CVE-2026-23360-c464@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23361",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032539-CVE-2026-23361-bd5c@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23362",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032539-CVE-2026-23362-40bd@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23363",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032539-CVE-2026-23363-3e24@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23364",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032539-CVE-2026-23364-4267@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23365",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032539-CVE-2026-23365-76d3@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23366",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032540-CVE-2026-23366-a7c4@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23367",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032540-CVE-2026-23367-6e44@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23368",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032540-CVE-2026-23368-c240@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23369",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032540-CVE-2026-23369-b6c6@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23370",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032540-CVE-2026-23370-02d2@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23371",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032541-CVE-2026-23371-1b32@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23372",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032541-CVE-2026-23372-7bc9@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23373",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032541-CVE-2026-23373-0203@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23374",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032541-CVE-2026-23374-9345@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23375",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032541-CVE-2026-23375-91b1@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23376",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032542-CVE-2026-23376-114a@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23377",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032542-CVE-2026-23377-cb04@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23378",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032542-CVE-2026-23378-f329@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23379",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032542-CVE-2026-23379-3b2d@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23380",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032542-CVE-2026-23380-9e3c@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23381",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032543-CVE-2026-23381-378d@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23382",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032543-CVE-2026-23382-26fe@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23383",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032543-CVE-2026-23383-f205@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23384",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032543-CVE-2026-23384-489a@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23385",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032543-CVE-2026-23385-3414@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23386",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032544-CVE-2026-23386-acc4@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23387",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032544-CVE-2026-23387-4399@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23388",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032544-CVE-2026-23388-9e71@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23389",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032544-CVE-2026-23389-2056@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23390",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032537-CVE-2026-23390-7146@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23391",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032548-CVE-2026-23391-bb43@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23392",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032548-CVE-2026-23392-fd9d@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23393",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032548-CVE-2026-23393-c395@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23394",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032549-CVE-2026-23394-9205@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23395",
        "url": "https://lore.kernel.org/linux-cve-announce/2026032549-CVE-2026-23395-5e50@gregkh/"
      }
    ],
    "source_lang": "en-US",
    "title": "Linux Kernel: Mehrere Schwachstellen",
    "tracking": {
      "current_release_date": "2026-03-25T23:00:00.000+00:00",
      "generator": {
        "date": "2026-03-26T07:56:13.854+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.5.0"
        }
      },
      "id": "WID-SEC-W-2026-0861",
      "initial_release_date": "2026-03-24T23:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2026-03-24T23:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        },
        {
          "date": "2026-03-25T23:00:00.000+00:00",
          "number": "2",
          "summary": "Referenz(en) aufgenommen: EUVD-2026-15382, EUVD-2026-15378, EUVD-2026-15381, EUVD-2026-15376, EUVD-2026-15374, EUVD-2026-15372, EUVD-2026-15371, EUVD-2026-15367, EUVD-2026-15368, EUVD-2026-15363, EUVD-2026-15365, EUVD-2026-15362, EUVD-2026-15359, EUVD-2026-15357, EUVD-2026-15355, EUVD-2026-15353, EUVD-2026-15351, EUVD-2026-15350, EUVD-2026-15345, EUVD-2026-15343, EUVD-2026-15344, EUVD-2026-15342, EUVD-2026-15336, EUVD-2026-15340, EUVD-2026-15339, EUVD-2026-15334, EUVD-2026-15332, EUVD-2026-15330, EUVD-2026-15328, EUVD-2026-15325, EUVD-2026-15329, EUVD-2026-15321, EUVD-2026-15323, EUVD-2026-15319, EUVD-2026-15317, EUVD-2026-15313, EUVD-2026-15312, EUVD-2026-15311, EUVD-2026-15310, EUVD-2026-15309, EUVD-2026-15308, EUVD-2026-15305, EUVD-2026-15307, EUVD-2026-15304, EUVD-2026-15299, EUVD-2026-15298, EUVD-2026-15295, EUVD-2026-15293, EUVD-2026-15292, EUVD-2026-15289, EUVD-2026-15287, EUVD-2026-15285, EUVD-2026-15284, EUVD-2026-15279, EUVD-2026-15278, EUVD-2026-15277, EUVD-2026-15276, EUVD-2026-15272, EUVD-2026-15274, EUVD-2026-15271, EUVD-2026-15269, EUVD-2026-15267, EUVD-2026-15263, EUVD-2026-15261, EUVD-2026-15258, EUVD-2026-15256, EUVD-2026-15254, EUVD-2026-15253, EUVD-2026-15252, EUVD-2026-15251, EUVD-2026-15250, EUVD-2026-15245, EUVD-2026-15248, EUVD-2026-15242, EUVD-2026-15238, EUVD-2026-15240, EUVD-2026-15235, EUVD-2026-15236, EUVD-2026-15234, EUVD-2026-15231, EUVD-2026-15233, EUVD-2026-15227, EUVD-2026-15224, EUVD-2026-15225, EUVD-2026-15221, EUVD-2026-15220, EUVD-2026-15218, EUVD-2026-15219, EUVD-2026-15216, EUVD-2026-15215, EUVD-2026-15211, EUVD-2026-15206, EUVD-2026-15208, EUVD-2026-15204, EUVD-2026-15200, EUVD-2026-15203, EUVD-2026-15198, EUVD-2026-15366, EUVD-2026-15384, EUVD-2026-15387, EUVD-2026-15388, EUVD-2026-15390, EUVD-2026-15392, EUVD-2026-15393, EUVD-2026-15394, EUVD-2026-15396, EUVD-2026-15398, EUVD-2026-15281, EUVD-2026-15348, EUVD-2026-15391, EUVD-2026-15331, EUVD-2026-15315, EUVD-2026-15301, EUVD-2026-15264, EUVD-2026-15246, EUVD-2026-15230, EUVD-2026-15212"
        }
      ],
      "status": "final",
      "version": "2"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Open Source Linux Kernel",
            "product": {
              "name": "Open Source Linux Kernel",
              "product_id": "T028462",
              "product_identification_helper": {
                "cpe": "cpe:/o:linux:linux_kernel:unspecified"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Open Source"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2026-23279",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23279"
    },
    {
      "cve": "CVE-2026-23280",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23280"
    },
    {
      "cve": "CVE-2026-23281",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23281"
    },
    {
      "cve": "CVE-2026-23282",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23282"
    },
    {
      "cve": "CVE-2026-23283",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23283"
    },
    {
      "cve": "CVE-2026-23284",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23284"
    },
    {
      "cve": "CVE-2026-23285",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23285"
    },
    {
      "cve": "CVE-2026-23286",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23286"
    },
    {
      "cve": "CVE-2026-23287",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23287"
    },
    {
      "cve": "CVE-2026-23288",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23288"
    },
    {
      "cve": "CVE-2026-23289",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23289"
    },
    {
      "cve": "CVE-2026-23290",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23290"
    },
    {
      "cve": "CVE-2026-23291",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23291"
    },
    {
      "cve": "CVE-2026-23292",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23292"
    },
    {
      "cve": "CVE-2026-23293",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23293"
    },
    {
      "cve": "CVE-2026-23294",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23294"
    },
    {
      "cve": "CVE-2026-23295",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23295"
    },
    {
      "cve": "CVE-2026-23296",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23296"
    },
    {
      "cve": "CVE-2026-23297",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23297"
    },
    {
      "cve": "CVE-2026-23298",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23298"
    },
    {
      "cve": "CVE-2026-23299",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23299"
    },
    {
      "cve": "CVE-2026-23300",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23300"
    },
    {
      "cve": "CVE-2026-23301",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23301"
    },
    {
      "cve": "CVE-2026-23302",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23302"
    },
    {
      "cve": "CVE-2026-23303",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23303"
    },
    {
      "cve": "CVE-2026-23304",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23304"
    },
    {
      "cve": "CVE-2026-23305",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23305"
    },
    {
      "cve": "CVE-2026-23306",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23306"
    },
    {
      "cve": "CVE-2026-23307",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23307"
    },
    {
      "cve": "CVE-2026-23308",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23308"
    },
    {
      "cve": "CVE-2026-23309",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23309"
    },
    {
      "cve": "CVE-2026-23310",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23310"
    },
    {
      "cve": "CVE-2026-23311",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23311"
    },
    {
      "cve": "CVE-2026-23312",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23312"
    },
    {
      "cve": "CVE-2026-23313",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23313"
    },
    {
      "cve": "CVE-2026-23314",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23314"
    },
    {
      "cve": "CVE-2026-23315",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23315"
    },
    {
      "cve": "CVE-2026-23316",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23316"
    },
    {
      "cve": "CVE-2026-23317",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23317"
    },
    {
      "cve": "CVE-2026-23318",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23318"
    },
    {
      "cve": "CVE-2026-23319",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23319"
    },
    {
      "cve": "CVE-2026-23320",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23320"
    },
    {
      "cve": "CVE-2026-23321",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23321"
    },
    {
      "cve": "CVE-2026-23322",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23322"
    },
    {
      "cve": "CVE-2026-23323",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23323"
    },
    {
      "cve": "CVE-2026-23324",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23324"
    },
    {
      "cve": "CVE-2026-23325",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23325"
    },
    {
      "cve": "CVE-2026-23326",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23326"
    },
    {
      "cve": "CVE-2026-23327",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23327"
    },
    {
      "cve": "CVE-2026-23328",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23328"
    },
    {
      "cve": "CVE-2026-23329",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23329"
    },
    {
      "cve": "CVE-2026-23330",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23330"
    },
    {
      "cve": "CVE-2026-23331",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23331"
    },
    {
      "cve": "CVE-2026-23332",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23332"
    },
    {
      "cve": "CVE-2026-23333",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23333"
    },
    {
      "cve": "CVE-2026-23334",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23334"
    },
    {
      "cve": "CVE-2026-23335",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23335"
    },
    {
      "cve": "CVE-2026-23336",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23336"
    },
    {
      "cve": "CVE-2026-23337",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23337"
    },
    {
      "cve": "CVE-2026-23338",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23338"
    },
    {
      "cve": "CVE-2026-23339",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23339"
    },
    {
      "cve": "CVE-2026-23340",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23340"
    },
    {
      "cve": "CVE-2026-23341",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23341"
    },
    {
      "cve": "CVE-2026-23342",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23342"
    },
    {
      "cve": "CVE-2026-23343",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23343"
    },
    {
      "cve": "CVE-2026-23344",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23344"
    },
    {
      "cve": "CVE-2026-23345",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23345"
    },
    {
      "cve": "CVE-2026-23346",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23346"
    },
    {
      "cve": "CVE-2026-23347",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23347"
    },
    {
      "cve": "CVE-2026-23348",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23348"
    },
    {
      "cve": "CVE-2026-23349",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23349"
    },
    {
      "cve": "CVE-2026-23350",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23350"
    },
    {
      "cve": "CVE-2026-23351",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23351"
    },
    {
      "cve": "CVE-2026-23352",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23352"
    },
    {
      "cve": "CVE-2026-23353",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23353"
    },
    {
      "cve": "CVE-2026-23354",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23354"
    },
    {
      "cve": "CVE-2026-23355",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23355"
    },
    {
      "cve": "CVE-2026-23356",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23356"
    },
    {
      "cve": "CVE-2026-23357",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23357"
    },
    {
      "cve": "CVE-2026-23358",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23358"
    },
    {
      "cve": "CVE-2026-23359",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23359"
    },
    {
      "cve": "CVE-2026-23360",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23360"
    },
    {
      "cve": "CVE-2026-23361",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23361"
    },
    {
      "cve": "CVE-2026-23362",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23362"
    },
    {
      "cve": "CVE-2026-23363",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23363"
    },
    {
      "cve": "CVE-2026-23364",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23364"
    },
    {
      "cve": "CVE-2026-23365",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23365"
    },
    {
      "cve": "CVE-2026-23366",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23366"
    },
    {
      "cve": "CVE-2026-23367",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23367"
    },
    {
      "cve": "CVE-2026-23368",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23368"
    },
    {
      "cve": "CVE-2026-23369",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23369"
    },
    {
      "cve": "CVE-2026-23370",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23370"
    },
    {
      "cve": "CVE-2026-23371",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23371"
    },
    {
      "cve": "CVE-2026-23372",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23372"
    },
    {
      "cve": "CVE-2026-23373",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23373"
    },
    {
      "cve": "CVE-2026-23374",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23374"
    },
    {
      "cve": "CVE-2026-23375",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23375"
    },
    {
      "cve": "CVE-2026-23376",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23376"
    },
    {
      "cve": "CVE-2026-23377",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23377"
    },
    {
      "cve": "CVE-2026-23378",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23378"
    },
    {
      "cve": "CVE-2026-23379",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23379"
    },
    {
      "cve": "CVE-2026-23380",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23380"
    },
    {
      "cve": "CVE-2026-23381",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23381"
    },
    {
      "cve": "CVE-2026-23382",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23382"
    },
    {
      "cve": "CVE-2026-23383",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23383"
    },
    {
      "cve": "CVE-2026-23384",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23384"
    },
    {
      "cve": "CVE-2026-23385",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23385"
    },
    {
      "cve": "CVE-2026-23386",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23386"
    },
    {
      "cve": "CVE-2026-23387",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23387"
    },
    {
      "cve": "CVE-2026-23388",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23388"
    },
    {
      "cve": "CVE-2026-23389",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23389"
    },
    {
      "cve": "CVE-2026-23390",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23390"
    },
    {
      "cve": "CVE-2026-23391",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23391"
    },
    {
      "cve": "CVE-2026-23392",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23392"
    },
    {
      "cve": "CVE-2026-23393",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23393"
    },
    {
      "cve": "CVE-2026-23394",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23394"
    },
    {
      "cve": "CVE-2026-23395",
      "product_status": {
        "known_affected": [
          "T028462"
        ]
      },
      "release_date": "2026-03-24T23:00:00.000+00:00",
      "title": "CVE-2026-23395"
    }
  ]
}

MSRC_CVE-2026-23352

Vulnerability from csaf_microsoft - Published: 2026-03-02 00:00 - Updated: 2026-03-27 14:41

Summary

x86/efi: defer freeing of boot services memory

Notes

Additional Resources: To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle

Disclaimer: The information provided in the Microsoft Knowledge Base is provided \"as is\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.

CVE-2026-23352

Vendor Fix 6.6.130.1-1:Security Update:https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade https://learn.microsoft.com/en-us/azure/azure-lin…

References

URL

CERTFR-2026-AVI-0376

Vulnerability from certfr_avis - Published: 2026-03-30 - Updated: 2026-03-30

De multiples vulnérabilités ont été découvertes dans les produits Microsoft. Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur.

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products

Vendor	Product	Description
Microsoft	CBL Mariner	cbl2 telegraf 1.29.4-21 versions antérieures à 1.29.4-22
Microsoft	Azure Linux	azl3 glibc 2.38-18 versions antérieures à 2.38-19
Microsoft	Azure Linux	azl3 squid 6.13-3 versions antérieures à 6.13-4
Microsoft	Azure Linux	azl3 python-pyasn1 0.4.8-1 versions antérieures à 0.4.8-2
Microsoft	Azure Linux	azl3 nginx 1.28.2-1 versions antérieures à 1.28.3-1
Microsoft	CBL Mariner	cbl2 ncurses 6.4-3 versions antérieures à 6.4-4
Microsoft	Azure Linux	azl3 kernel 6.6.126.1-1 versions antérieures à 6.6.130.1-1
Microsoft	Azure Linux	azl3 ncurses 6.4-2 versions antérieures à 6.4-3
Microsoft	CBL Mariner	cbl2 terraform 1.3.2-29 versions antérieures à 1.3.2-30
Microsoft	Azure Linux	azl3 libsoup 3.4.4-12 versions antérieures à 3.4.4-14
Microsoft	Azure Linux	azl3 etcd 3.5.21-1 versions antérieures à 3.5.28-1

References

Title

Publication Time

Tags

Bulletin de sécurité Microsoft CVE-2026-32748	2026-03-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-4438	2026-03-22	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-23347	2026-03-26	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-23268	2026-03-20	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-23392	2026-03-26	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-23319	2026-03-26	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-23253	2026-03-20	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-23296	2026-03-26	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-23364	2026-03-26	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-23368	2026-03-26	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-27654	2026-03-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-30922	2026-03-21	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-23286	2026-03-26	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-23396	2026-03-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-23340	2026-03-26	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-23324	2026-03-26	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-33515	2026-03-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-23318	2026-03-26	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-23379	2026-03-26	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-23317	2026-03-26	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-27784	2026-03-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-23359	2026-03-26	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-23245	2026-03-19	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-23269	2026-03-20	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-23298	2026-03-26	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-23304	2026-03-26	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-23370	2026-03-26	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-23100	2026-03-22	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-23271	2026-03-21	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-23352	2026-03-26	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-33343	2026-03-28	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-4437	2026-03-22	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-23343	2026-03-26	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-33413	2026-03-28	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-23246	2026-03-19	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-23279	2026-03-26	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-23244	2026-03-19	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-23367	2026-03-26	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-23307	2026-03-26	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-23398	2026-03-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2025-69720	2026-03-25	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-28755	2026-03-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-23300	2026-03-26	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-23381	2026-03-26	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-23356	2026-03-26	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-23351	2026-03-26	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-23277	2026-03-21	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-23315	2026-03-26	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-4645	2026-03-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-33526	2026-03-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-23382	2026-03-26	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-23310	2026-03-26	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-23306	2026-03-26	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-23336	2026-03-26	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-2369	2026-03-25	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-23391	2026-03-26	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-23290	2026-03-26	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-23312	2026-03-26	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-23388	2026-03-26	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-23390	2026-03-26	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-23303	2026-03-26	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-23289	2026-03-26	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-23293	2026-03-26	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-27651	2026-03-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-23291	2026-03-26	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-28753	2026-03-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-23334	2026-03-26	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-32647	2026-03-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-23397	2026-03-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-23281	2026-03-26	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-23365	2026-03-26	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-23285	2026-03-26	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-23292	2026-03-26	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-23284	2026-03-26	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-23395	2026-03-26	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-23274	2026-03-21	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-23357	2026-03-26	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "cbl2 telegraf 1.29.4-21 versions ant\u00e9rieures \u00e0 1.29.4-22",
      "product": {
        "name": "CBL Mariner",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "azl3 glibc 2.38-18 versions ant\u00e9rieures \u00e0 2.38-19",
      "product": {
        "name": "Azure Linux",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "azl3 squid 6.13-3 versions ant\u00e9rieures \u00e0 6.13-4",
      "product": {
        "name": "Azure Linux",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "azl3 python-pyasn1 0.4.8-1 versions ant\u00e9rieures \u00e0 0.4.8-2",
      "product": {
        "name": "Azure Linux",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "azl3 nginx 1.28.2-1 versions ant\u00e9rieures \u00e0 1.28.3-1",
      "product": {
        "name": "Azure Linux",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "cbl2 ncurses 6.4-3 versions ant\u00e9rieures \u00e0 6.4-4",
      "product": {
        "name": "CBL Mariner",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "azl3 kernel 6.6.126.1-1 versions ant\u00e9rieures \u00e0 6.6.130.1-1",
      "product": {
        "name": "Azure Linux",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "azl3 ncurses 6.4-2 versions ant\u00e9rieures \u00e0 6.4-3",
      "product": {
        "name": "Azure Linux",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "cbl2 terraform 1.3.2-29 versions ant\u00e9rieures \u00e0 1.3.2-30",
      "product": {
        "name": "CBL Mariner",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "azl3 libsoup 3.4.4-12 versions ant\u00e9rieures \u00e0 3.4.4-14",
      "product": {
        "name": "Azure Linux",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "azl3 etcd 3.5.21-1 versions ant\u00e9rieures \u00e0 3.5.28-1",
      "product": {
        "name": "Azure Linux",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": "",
  "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
  "cves": [
    {
      "name": "CVE-2026-23318",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23318"
    },
    {
      "name": "CVE-2026-23368",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23368"
    },
    {
      "name": "CVE-2026-23281",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23281"
    },
    {
      "name": "CVE-2026-32647",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-32647"
    },
    {
      "name": "CVE-2026-23269",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23269"
    },
    {
      "name": "CVE-2026-23293",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23293"
    },
    {
      "name": "CVE-2026-23290",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23290"
    },
    {
      "name": "CVE-2026-27651",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-27651"
    },
    {
      "name": "CVE-2026-23303",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23303"
    },
    {
      "name": "CVE-2026-27654",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-27654"
    },
    {
      "name": "CVE-2026-23340",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23340"
    },
    {
      "name": "CVE-2026-23253",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23253"
    },
    {
      "name": "CVE-2026-33343",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-33343"
    },
    {
      "name": "CVE-2026-23271",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23271"
    },
    {
      "name": "CVE-2026-23268",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23268"
    },
    {
      "name": "CVE-2026-23285",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23285"
    },
    {
      "name": "CVE-2026-23304",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23304"
    },
    {
      "name": "CVE-2026-23357",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23357"
    },
    {
      "name": "CVE-2026-4645",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-4645"
    },
    {
      "name": "CVE-2026-23324",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23324"
    },
    {
      "name": "CVE-2026-23347",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23347"
    },
    {
      "name": "CVE-2026-28755",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-28755"
    },
    {
      "name": "CVE-2026-23317",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23317"
    },
    {
      "name": "CVE-2026-23334",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23334"
    },
    {
      "name": "CVE-2026-23391",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23391"
    },
    {
      "name": "CVE-2026-23319",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23319"
    },
    {
      "name": "CVE-2026-23279",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23279"
    },
    {
      "name": "CVE-2026-23244",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23244"
    },
    {
      "name": "CVE-2026-23246",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23246"
    },
    {
      "name": "CVE-2026-30922",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-30922"
    },
    {
      "name": "CVE-2026-23286",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23286"
    },
    {
      "name": "CVE-2026-23359",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23359"
    },
    {
      "name": "CVE-2026-23298",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23298"
    },
    {
      "name": "CVE-2026-23296",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23296"
    },
    {
      "name": "CVE-2026-23396",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23396"
    },
    {
      "name": "CVE-2026-23370",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23370"
    },
    {
      "name": "CVE-2026-23315",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23315"
    },
    {
      "name": "CVE-2026-23352",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23352"
    },
    {
      "name": "CVE-2026-23367",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23367"
    },
    {
      "name": "CVE-2026-32748",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-32748"
    },
    {
      "name": "CVE-2026-23300",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23300"
    },
    {
      "name": "CVE-2026-23379",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23379"
    },
    {
      "name": "CVE-2026-23381",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23381"
    },
    {
      "name": "CVE-2026-23392",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23392"
    },
    {
      "name": "CVE-2026-23245",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23245"
    },
    {
      "name": "CVE-2026-4438",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-4438"
    },
    {
      "name": "CVE-2026-23364",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23364"
    },
    {
      "name": "CVE-2026-23274",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23274"
    },
    {
      "name": "CVE-2026-23284",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23284"
    },
    {
      "name": "CVE-2026-23397",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23397"
    },
    {
      "name": "CVE-2026-23343",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23343"
    },
    {
      "name": "CVE-2026-23336",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23336"
    },
    {
      "name": "CVE-2025-69720",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-69720"
    },
    {
      "name": "CVE-2026-23289",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23289"
    },
    {
      "name": "CVE-2026-23292",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23292"
    },
    {
      "name": "CVE-2026-23277",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23277"
    },
    {
      "name": "CVE-2026-4437",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-4437"
    },
    {
      "name": "CVE-2026-27784",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-27784"
    },
    {
      "name": "CVE-2026-23388",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23388"
    },
    {
      "name": "CVE-2026-28753",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-28753"
    },
    {
      "name": "CVE-2026-33526",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-33526"
    },
    {
      "name": "CVE-2026-23310",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23310"
    },
    {
      "name": "CVE-2026-2369",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-2369"
    },
    {
      "name": "CVE-2026-33515",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-33515"
    },
    {
      "name": "CVE-2026-23395",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23395"
    },
    {
      "name": "CVE-2026-23100",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23100"
    },
    {
      "name": "CVE-2026-23306",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23306"
    },
    {
      "name": "CVE-2026-33413",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-33413"
    },
    {
      "name": "CVE-2026-23291",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23291"
    },
    {
      "name": "CVE-2026-23382",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23382"
    },
    {
      "name": "CVE-2026-23312",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23312"
    },
    {
      "name": "CVE-2026-23365",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23365"
    },
    {
      "name": "CVE-2026-23356",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23356"
    },
    {
      "name": "CVE-2026-23307",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23307"
    },
    {
      "name": "CVE-2026-23398",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23398"
    },
    {
      "name": "CVE-2026-23351",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23351"
    },
    {
      "name": "CVE-2026-23390",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23390"
    }
  ],
  "initial_release_date": "2026-03-30T00:00:00",
  "last_revision_date": "2026-03-30T00:00:00",
  "links": [],
  "reference": "CERTFR-2026-AVI-0376",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2026-03-30T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Microsoft. Elles permettent \u00e0 un attaquant de provoquer un probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur.",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Microsoft",
  "vendor_advisories": [
    {
      "published_at": "2026-03-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-32748",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-32748"
    },
    {
      "published_at": "2026-03-22",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-4438",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-4438"
    },
    {
      "published_at": "2026-03-26",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23347",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23347"
    },
    {
      "published_at": "2026-03-20",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23268",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23268"
    },
    {
      "published_at": "2026-03-26",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23392",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23392"
    },
    {
      "published_at": "2026-03-26",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23319",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23319"
    },
    {
      "published_at": "2026-03-20",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23253",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23253"
    },
    {
      "published_at": "2026-03-26",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23296",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23296"
    },
    {
      "published_at": "2026-03-26",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23364",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23364"
    },
    {
      "published_at": "2026-03-26",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23368",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23368"
    },
    {
      "published_at": "2026-03-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-27654",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-27654"
    },
    {
      "published_at": "2026-03-21",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-30922",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-30922"
    },
    {
      "published_at": "2026-03-26",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23286",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23286"
    },
    {
      "published_at": "2026-03-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23396",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23396"
    },
    {
      "published_at": "2026-03-26",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23340",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23340"
    },
    {
      "published_at": "2026-03-26",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23324",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23324"
    },
    {
      "published_at": "2026-03-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-33515",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-33515"
    },
    {
      "published_at": "2026-03-26",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23318",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23318"
    },
    {
      "published_at": "2026-03-26",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23379",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23379"
    },
    {
      "published_at": "2026-03-26",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23317",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23317"
    },
    {
      "published_at": "2026-03-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-27784",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-27784"
    },
    {
      "published_at": "2026-03-26",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23359",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23359"
    },
    {
      "published_at": "2026-03-19",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23245",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23245"
    },
    {
      "published_at": "2026-03-20",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23269",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23269"
    },
    {
      "published_at": "2026-03-26",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23298",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23298"
    },
    {
      "published_at": "2026-03-26",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23304",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23304"
    },
    {
      "published_at": "2026-03-26",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23370",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23370"
    },
    {
      "published_at": "2026-03-22",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23100",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23100"
    },
    {
      "published_at": "2026-03-21",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23271",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23271"
    },
    {
      "published_at": "2026-03-26",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23352",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23352"
    },
    {
      "published_at": "2026-03-28",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-33343",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-33343"
    },
    {
      "published_at": "2026-03-22",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-4437",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-4437"
    },
    {
      "published_at": "2026-03-26",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23343",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23343"
    },
    {
      "published_at": "2026-03-28",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-33413",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-33413"
    },
    {
      "published_at": "2026-03-19",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23246",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23246"
    },
    {
      "published_at": "2026-03-26",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23279",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23279"
    },
    {
      "published_at": "2026-03-19",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23244",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23244"
    },
    {
      "published_at": "2026-03-26",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23367",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23367"
    },
    {
      "published_at": "2026-03-26",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23307",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23307"
    },
    {
      "published_at": "2026-03-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23398",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23398"
    },
    {
      "published_at": "2026-03-25",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2025-69720",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-69720"
    },
    {
      "published_at": "2026-03-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-28755",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-28755"
    },
    {
      "published_at": "2026-03-26",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23300",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23300"
    },
    {
      "published_at": "2026-03-26",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23381",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23381"
    },
    {
      "published_at": "2026-03-26",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23356",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23356"
    },
    {
      "published_at": "2026-03-26",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23351",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23351"
    },
    {
      "published_at": "2026-03-21",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23277",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23277"
    },
    {
      "published_at": "2026-03-26",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23315",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23315"
    },
    {
      "published_at": "2026-03-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-4645",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-4645"
    },
    {
      "published_at": "2026-03-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-33526",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-33526"
    },
    {
      "published_at": "2026-03-26",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23382",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23382"
    },
    {
      "published_at": "2026-03-26",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23310",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23310"
    },
    {
      "published_at": "2026-03-26",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23306",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23306"
    },
    {
      "published_at": "2026-03-26",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23336",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23336"
    },
    {
      "published_at": "2026-03-25",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-2369",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-2369"
    },
    {
      "published_at": "2026-03-26",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23391",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23391"
    },
    {
      "published_at": "2026-03-26",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23290",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23290"
    },
    {
      "published_at": "2026-03-26",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23312",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23312"
    },
    {
      "published_at": "2026-03-26",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23388",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23388"
    },
    {
      "published_at": "2026-03-26",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23390",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23390"
    },
    {
      "published_at": "2026-03-26",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23303",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23303"
    },
    {
      "published_at": "2026-03-26",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23289",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23289"
    },
    {
      "published_at": "2026-03-26",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23293",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23293"
    },
    {
      "published_at": "2026-03-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-27651",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-27651"
    },
    {
      "published_at": "2026-03-26",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23291",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23291"
    },
    {
      "published_at": "2026-03-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-28753",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-28753"
    },
    {
      "published_at": "2026-03-26",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23334",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23334"
    },
    {
      "published_at": "2026-03-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-32647",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-32647"
    },
    {
      "published_at": "2026-03-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23397",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23397"
    },
    {
      "published_at": "2026-03-26",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23281",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23281"
    },
    {
      "published_at": "2026-03-26",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23365",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23365"
    },
    {
      "published_at": "2026-03-26",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23285",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23285"
    },
    {
      "published_at": "2026-03-26",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23292",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23292"
    },
    {
      "published_at": "2026-03-26",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23284",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23284"
    },
    {
      "published_at": "2026-03-26",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23395",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23395"
    },
    {
      "published_at": "2026-03-21",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23274",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23274"
    },
    {
      "published_at": "2026-03-26",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23357",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23357"
    }
  ]
}

GHSA-3GGX-9863-FXCM

Vulnerability from github – Published: 2026-03-25 12:30 – Updated: 2026-03-25 12:30

Details

In the Linux kernel, the following vulnerability has been resolved:

x86/efi: defer freeing of boot services memory

efi_free_boot_services() frees memory occupied by EFI_BOOT_SERVICES_CODE and EFI_BOOT_SERVICES_DATA using memblock_free_late().

There are two issue with that: memblock_free_late() should be used for memory allocated with memblock_alloc() while the memory reserved with memblock_reserve() should be freed with free_reserved_area().

More acutely, with CONFIG_DEFERRED_STRUCT_PAGE_INIT=y efi_free_boot_services() is called before deferred initialization of the memory map is complete.

Benjamin Herrenschmidt reports that this causes a leak of ~140MB of RAM on EC2 t3a.nano instances which only have 512MB or RAM.

If the freed memory resides in the areas that memory map for them is still uninitialized, they won't be actually freed because memblock_free_late() calls memblock_free_pages() and the latter skips uninitialized pages.

Using free_reserved_area() at this point is also problematic because __free_page() accesses the buddy of the freed page and that again might end up in uninitialized part of the memory map.

Delaying the entire efi_free_boot_services() could be problematic because in addition to freeing boot services memory it updates efi.memmap without any synchronization and that's undesirable late in boot when there is concurrency.

More robust approach is to only defer freeing of the EFI boot services memory.

Split efi_free_boot_services() in two. First efi_unmap_boot_services() collects ranges that should be freed into an array then efi_free_boot_services() later frees them after deferred init is complete.

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2026-23352"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-03-25T11:16:33Z",
    "severity": null
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nx86/efi: defer freeing of boot services memory\n\nefi_free_boot_services() frees memory occupied by EFI_BOOT_SERVICES_CODE\nand EFI_BOOT_SERVICES_DATA using memblock_free_late().\n\nThere are two issue with that: memblock_free_late() should be used for\nmemory allocated with memblock_alloc() while the memory reserved with\nmemblock_reserve() should be freed with free_reserved_area().\n\nMore acutely, with CONFIG_DEFERRED_STRUCT_PAGE_INIT=y\nefi_free_boot_services() is called before deferred initialization of the\nmemory map is complete.\n\nBenjamin Herrenschmidt reports that this causes a leak of ~140MB of\nRAM on EC2 t3a.nano instances which only have 512MB or RAM.\n\nIf the freed memory resides in the areas that memory map for them is\nstill uninitialized, they won\u0027t be actually freed because\nmemblock_free_late() calls memblock_free_pages() and the latter skips\nuninitialized pages.\n\nUsing free_reserved_area() at this point is also problematic because\n__free_page() accesses the buddy of the freed page and that again might\nend up in uninitialized part of the memory map.\n\nDelaying the entire efi_free_boot_services() could be problematic\nbecause in addition to freeing boot services memory it updates\nefi.memmap without any synchronization and that\u0027s undesirable late in\nboot when there is concurrency.\n\nMore robust approach is to only defer freeing of the EFI boot services\nmemory.\n\nSplit efi_free_boot_services() in two. First efi_unmap_boot_services()\ncollects ranges that should be freed into an array then\nefi_free_boot_services() later frees them after deferred init is complete.",
  "id": "GHSA-3ggx-9863-fxcm",
  "modified": "2026-03-25T12:30:23Z",
  "published": "2026-03-25T12:30:23Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-23352"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/227688312fece0026fc67a00ba9a0b3611ebe95d"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/399da820ecfe6f4f10c143e5c453d3559a04db9c"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/4a2cb90c538f06c873a187aa743575d48685d7a6"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/6a25e25279282c5c8ade554c04c6ab9dc7902c64"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/7dcf59422a3b0d20ddda844f856b4a1e0608a326"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/a4b0bf6a40f3c107c67a24fbc614510ef5719980"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/f9e9cc320854a76a39e7bc92d144554f3a727fad"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

FKIE_CVE-2026-23352

Vulnerability from fkie_nvd - Published: 2026-03-25 11:16 - Updated: 2026-03-25 15:41

Severity ?

Summary

References

	URL	Tags
	416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/227688312fece0026fc67a00ba9a0b3611ebe95d
	416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/399da820ecfe6f4f10c143e5c453d3559a04db9c
	416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/4a2cb90c538f06c873a187aa743575d48685d7a6
	416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/6a25e25279282c5c8ade554c04c6ab9dc7902c64
	416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/7dcf59422a3b0d20ddda844f856b4a1e0608a326
	416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/a4b0bf6a40f3c107c67a24fbc614510ef5719980
	416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/f9e9cc320854a76a39e7bc92d144554f3a727fad

Impacted products

	Vendor	Product	Version

JSON

To clipboard

{
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nx86/efi: defer freeing of boot services memory\n\nefi_free_boot_services() frees memory occupied by EFI_BOOT_SERVICES_CODE\nand EFI_BOOT_SERVICES_DATA using memblock_free_late().\n\nThere are two issue with that: memblock_free_late() should be used for\nmemory allocated with memblock_alloc() while the memory reserved with\nmemblock_reserve() should be freed with free_reserved_area().\n\nMore acutely, with CONFIG_DEFERRED_STRUCT_PAGE_INIT=y\nefi_free_boot_services() is called before deferred initialization of the\nmemory map is complete.\n\nBenjamin Herrenschmidt reports that this causes a leak of ~140MB of\nRAM on EC2 t3a.nano instances which only have 512MB or RAM.\n\nIf the freed memory resides in the areas that memory map for them is\nstill uninitialized, they won\u0027t be actually freed because\nmemblock_free_late() calls memblock_free_pages() and the latter skips\nuninitialized pages.\n\nUsing free_reserved_area() at this point is also problematic because\n__free_page() accesses the buddy of the freed page and that again might\nend up in uninitialized part of the memory map.\n\nDelaying the entire efi_free_boot_services() could be problematic\nbecause in addition to freeing boot services memory it updates\nefi.memmap without any synchronization and that\u0027s undesirable late in\nboot when there is concurrency.\n\nMore robust approach is to only defer freeing of the EFI boot services\nmemory.\n\nSplit efi_free_boot_services() in two. First efi_unmap_boot_services()\ncollects ranges that should be freed into an array then\nefi_free_boot_services() later frees them after deferred init is complete."
    }
  ],
  "id": "CVE-2026-23352",
  "lastModified": "2026-03-25T15:41:33.977",
  "metrics": {},
  "published": "2026-03-25T11:16:33.627",
  "references": [
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/227688312fece0026fc67a00ba9a0b3611ebe95d"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/399da820ecfe6f4f10c143e5c453d3559a04db9c"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/4a2cb90c538f06c873a187aa743575d48685d7a6"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/6a25e25279282c5c8ade554c04c6ab9dc7902c64"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/7dcf59422a3b0d20ddda844f856b4a1e0608a326"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/a4b0bf6a40f3c107c67a24fbc614510ef5719980"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/f9e9cc320854a76a39e7bc92d144554f3a727fad"
    }
  ],
  "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
  "vulnStatus": "Awaiting Analysis"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2026-23352 (GCVE-0-2026-23352)

WID-SEC-W-2026-0861

MSRC_CVE-2026-23352

CERTFR-2026-AVI-0376

Solutions

GHSA-3GGX-9863-FXCM

FKIE_CVE-2026-23352

Tags

Sightings

Nomenclature