What is the severity of CVE-2026-23143?

CVE-2026-23143 has a CVSS v3 score of 0, which is classified as Low severity.

Is there an exploit available for CVE-2026-23143?

No known public exploits are currently available for CVE-2026-23143.

Is there a patch available for CVE-2026-23143?

Yes, patches are available for CVE-2026-23143. Check the vendor advisories for update instructions.

CVE-2026-23143 - CVE Details, Severity, and Analysis

Severity Scores

CVSS v30.0

CVSS v20.0

Priority Score0.0

EPSS Score0.0

None

Exploitation LikelihoodMinimal

0.00%EPSS

Very low probability of exploitation

Monitor and patch as resources allow

0.00%

EPSS

0.0

CVSS

No

Exploit

Yes

Patch

Low Priority

no major risk factors

EPSS predicts the probability of exploitation in the next 30 days based on real-world threat data, complementing CVSS severity scores with actual risk assessment.

Description

In the Linux kernel, the following vulnerability has been resolved:

virtio_net: Fix misalignment bug in struct virtnet_info

Use the new TRAILING_OVERLAP() helper to fix a misalignment bug along with the following warning:

drivers/net/virtio_net.c:429:46: warning: structure containing a flexible array member is not at the end of another structure [-Wflex-array-member-not-at-end]

This helper creates a union between a flexible-array member (FAM) and a set of members that would otherwise follow it (in this case u8 rss_hash_key_data[VIRTIO_NET_RSS_MAX_KEY_SIZE];). This overlays the trailing members (rss_hash_key_data) onto the FAM (hash_key_data) while keeping the FAM and the start of MEMBERS aligned. The static_assert() ensures this alignment remains.

Notice that due to tail padding in flexible struct virtio_net_rss_config_trailer, rss_trailer.hash_key_data (at offset 83 in struct virtnet_info) and rss_hash_key_data (at offset 84 in struct virtnet_info) are misaligned by one byte. See below:

struct virtio_net_rss_config_trailer { __le16 max_tx_vq; /* 0 2 / __u8 hash_key_length; / 2 1 / __u8 hash_key_data[]; / 3 0 */

    /* size: 4, cachelines: 1, members: 3 */
    /* padding: 1 */
    /* last cacheline: 4 bytes */

};

struct virtnet_info { ... struct virtio_net_rss_config_trailer rss_trailer; /* 80 4 */

    /* XXX last struct has 1 byte of padding */

    u8                         rss_hash_key_data[40]; /*    84    40 */

... /* size: 832, cachelines: 13, members: 48 / / sum members: 801, holes: 8, sum holes: 31 / / paddings: 2, sum paddings: 5 */ };

After changes, those members are correctly aligned at offset 795:

struct virtnet_info { ... union { struct virtio_net_rss_config_trailer rss_trailer; /* 792 4 / struct { unsigned char __offset_to_hash_key_data[3]; / 792 3 / u8 rss_hash_key_data[40]; / 795 40 / }; / 792 43 792 44 size: 840, cachelines: 14, members: 47 sum members: 801, holes: 8, sum holes: 35 padding: 4 paddings: 1, sum paddings: 4 last cacheline: 8 bytes */ };

CVSS v3 Breakdown

Attack Vector:-

Attack Complexity:-

Privileges Required:-

User Interaction:-

Scope:-

Confidentiality:-

Integrity:-

Availability:-