CVE-2026-23329 (GCVE-0-2026-23329)
Vulnerability from cvelistv5
Published
2026-03-25 10:27
Modified
2026-04-13 06:05
Severity ?
Summary
In the Linux kernel, the following vulnerability has been resolved: libie: don't unroll if fwlog isn't supported The libie_fwlog_deinit() function can be called during driver unload even when firmware logging was never properly initialized. This led to call trace: [ 148.576156] Oops: Oops: 0000 [#1] SMP NOPTI [ 148.576167] CPU: 80 UID: 0 PID: 12843 Comm: rmmod Kdump: loaded Not tainted 6.17.0-rc7next-queue-3oct-01915-g06d79d51cf51 #1 PREEMPT(full) [ 148.576177] Hardware name: HPE ProLiant DL385 Gen10 Plus/ProLiant DL385 Gen10 Plus, BIOS A42 07/18/2020 [ 148.576182] RIP: 0010:__dev_printk+0x16/0x70 [ 148.576196] Code: 1f 44 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 44 00 00 41 55 41 54 49 89 d4 55 48 89 fd 53 48 85 f6 74 3c <4c> 8b 6e 50 48 89 f3 4d 85 ed 75 03 4c 8b 2e 48 89 df e8 f3 27 98 [ 148.576204] RSP: 0018:ffffd2fd7ea17a48 EFLAGS: 00010202 [ 148.576211] RAX: ffffd2fd7ea17aa0 RBX: ffff8eb288ae2000 RCX: 0000000000000000 [ 148.576217] RDX: ffffd2fd7ea17a70 RSI: 00000000000000c8 RDI: ffffffffb68d3d88 [ 148.576222] RBP: ffffffffb68d3d88 R08: 0000000000000000 R09: 0000000000000000 [ 148.576227] R10: 00000000000000c8 R11: ffff8eb2b1a49400 R12: ffffd2fd7ea17a70 [ 148.576231] R13: ffff8eb3141fb000 R14: ffffffffc1215b48 R15: ffffffffc1215bd8 [ 148.576236] FS: 00007f5666ba6740(0000) GS:ffff8eb2472b9000(0000) knlGS:0000000000000000 [ 148.576242] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 148.576247] CR2: 0000000000000118 CR3: 000000011ad17000 CR4: 0000000000350ef0 [ 148.576252] Call Trace: [ 148.576258] <TASK> [ 148.576269] _dev_warn+0x7c/0x96 [ 148.576290] libie_fwlog_deinit+0x112/0x117 [libie_fwlog] [ 148.576303] ixgbe_remove+0x63/0x290 [ixgbe] [ 148.576342] pci_device_remove+0x42/0xb0 [ 148.576354] device_release_driver_internal+0x19c/0x200 [ 148.576365] driver_detach+0x48/0x90 [ 148.576372] bus_remove_driver+0x6d/0xf0 [ 148.576383] pci_unregister_driver+0x2e/0xb0 [ 148.576393] ixgbe_exit_module+0x1c/0xd50 [ixgbe] [ 148.576430] __do_sys_delete_module.isra.0+0x1bc/0x2e0 [ 148.576446] do_syscall_64+0x7f/0x980 It can be reproduced by trying to unload ixgbe driver in recovery mode. Fix that by checking if fwlog is supported before doing unroll.
References
Impacted products
Vendor Product Version
Linux Linux Version: 641585bc978e0a1170ca8f12fbb1468b3874a2db
Version: 641585bc978e0a1170ca8f12fbb1468b3874a2db
Version: 641585bc978e0a1170ca8f12fbb1468b3874a2db
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
  "containers": {
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/net/ethernet/intel/libie/fwlog.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "0138d1cdb19fa49181a5aaba32427f1787cb3935",
              "status": "affected",
              "version": "641585bc978e0a1170ca8f12fbb1468b3874a2db",
              "versionType": "git"
            },
            {
              "lessThan": "460c56ecbef57684aad1d6af525b89dcd3565701",
              "status": "affected",
              "version": "641585bc978e0a1170ca8f12fbb1468b3874a2db",
              "versionType": "git"
            },
            {
              "lessThan": "636cc3bd12f499c74eaf5dc9a7d5b832f1bb24ed",
              "status": "affected",
              "version": "641585bc978e0a1170ca8f12fbb1468b3874a2db",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/net/ethernet/intel/libie/fwlog.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "6.18"
            },
            {
              "lessThan": "6.18",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.18.*",
              "status": "unaffected",
              "version": "6.18.17",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.19.*",
              "status": "unaffected",
              "version": "6.19.7",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "7.0",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.18.17",
                  "versionStartIncluding": "6.18",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.19.7",
                  "versionStartIncluding": "6.18",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "7.0",
                  "versionStartIncluding": "6.18",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nlibie: don\u0027t unroll if fwlog isn\u0027t supported\n\nThe libie_fwlog_deinit() function can be called during driver unload\neven when firmware logging was never properly initialized. This led to call\ntrace:\n\n[  148.576156] Oops: Oops: 0000 [#1] SMP NOPTI\n[  148.576167] CPU: 80 UID: 0 PID: 12843 Comm: rmmod Kdump: loaded Not tainted 6.17.0-rc7next-queue-3oct-01915-g06d79d51cf51 #1 PREEMPT(full)\n[  148.576177] Hardware name: HPE ProLiant DL385 Gen10 Plus/ProLiant DL385 Gen10 Plus, BIOS A42 07/18/2020\n[  148.576182] RIP: 0010:__dev_printk+0x16/0x70\n[  148.576196] Code: 1f 44 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 44 00 00 41 55 41 54 49 89 d4 55 48 89 fd 53 48 85 f6 74 3c \u003c4c\u003e 8b 6e 50 48 89 f3 4d 85 ed 75 03 4c 8b 2e 48 89 df e8 f3 27 98\n[  148.576204] RSP: 0018:ffffd2fd7ea17a48 EFLAGS: 00010202\n[  148.576211] RAX: ffffd2fd7ea17aa0 RBX: ffff8eb288ae2000 RCX: 0000000000000000\n[  148.576217] RDX: ffffd2fd7ea17a70 RSI: 00000000000000c8 RDI: ffffffffb68d3d88\n[  148.576222] RBP: ffffffffb68d3d88 R08: 0000000000000000 R09: 0000000000000000\n[  148.576227] R10: 00000000000000c8 R11: ffff8eb2b1a49400 R12: ffffd2fd7ea17a70\n[  148.576231] R13: ffff8eb3141fb000 R14: ffffffffc1215b48 R15: ffffffffc1215bd8\n[  148.576236] FS:  00007f5666ba6740(0000) GS:ffff8eb2472b9000(0000) knlGS:0000000000000000\n[  148.576242] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[  148.576247] CR2: 0000000000000118 CR3: 000000011ad17000 CR4: 0000000000350ef0\n[  148.576252] Call Trace:\n[  148.576258]  \u003cTASK\u003e\n[  148.576269]  _dev_warn+0x7c/0x96\n[  148.576290]  libie_fwlog_deinit+0x112/0x117 [libie_fwlog]\n[  148.576303]  ixgbe_remove+0x63/0x290 [ixgbe]\n[  148.576342]  pci_device_remove+0x42/0xb0\n[  148.576354]  device_release_driver_internal+0x19c/0x200\n[  148.576365]  driver_detach+0x48/0x90\n[  148.576372]  bus_remove_driver+0x6d/0xf0\n[  148.576383]  pci_unregister_driver+0x2e/0xb0\n[  148.576393]  ixgbe_exit_module+0x1c/0xd50 [ixgbe]\n[  148.576430]  __do_sys_delete_module.isra.0+0x1bc/0x2e0\n[  148.576446]  do_syscall_64+0x7f/0x980\n\nIt can be reproduced by trying to unload ixgbe driver in recovery mode.\n\nFix that by checking if fwlog is supported before doing unroll."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-04-13T06:05:08.319Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/0138d1cdb19fa49181a5aaba32427f1787cb3935"
        },
        {
          "url": "https://git.kernel.org/stable/c/460c56ecbef57684aad1d6af525b89dcd3565701"
        },
        {
          "url": "https://git.kernel.org/stable/c/636cc3bd12f499c74eaf5dc9a7d5b832f1bb24ed"
        }
      ],
      "title": "libie: don\u0027t unroll if fwlog isn\u0027t supported",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2026-23329",
    "datePublished": "2026-03-25T10:27:21.212Z",
    "dateReserved": "2026-01-13T15:37:45.996Z",
    "dateUpdated": "2026-04-13T06:05:08.319Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.