Linux Kernel up to 6.18.5/6.19-rc4 devl_param_driverinit_value_set assertion

Summaryinfo

A vulnerability categorized as critical has been discovered in Linux Kernel up to 6.18.5/6.19-rc4. This affects the function devl_param_driverinit_value_set. The manipulation results in assertion. This vulnerability is reported as CVE-2026-23045. No exploit exists. It is advisable to upgrade the affected component.

Detailsinfo

A vulnerability, which was classified as critical, was found in Linux Kernel up to 6.18.5/6.19-rc4. Affected is the function devl_param_driverinit_value_set. The manipulation with an unknown input leads to a assertion vulnerability. CWE is classifying the issue as CWE-617. The product contains an assert() or similar statement that can be triggered by an attacker, which leads to an application exit or other behavior that is more severe than necessary. This is going to have an impact on availability. CVE summarizes:

In the Linux kernel, the following vulnerability has been resolved: net/ena: fix missing lock when update devlink params Fix assert lock warning while calling devl_param_driverinit_value_set() in ena. WARNING: net/devlink/core.c:261 at devl_assert_locked+0x62/0x90, CPU#0: kworker/0:0/9 CPU: 0 UID: 0 PID: 9 Comm: kworker/0:0 Not tainted 6.19.0-rc2+ #1 PREEMPT(lazy) Hardware name: Amazon EC2 m8i-flex.4xlarge/, BIOS 1.0 10/16/2017 Workqueue: events work_for_cpu_fn RIP: 0010:devl_assert_locked+0x62/0x90 Call Trace: <TASK> devl_param_driverinit_value_set+0x15/0x1c0 ena_devlink_alloc+0x18c/0x220 [ena] ? __pfx_ena_devlink_alloc+0x10/0x10 [ena] ? trace_hardirqs_on+0x18/0x140 ? lockdep_hardirqs_on+0x8c/0x130 ? __raw_spin_unlock_irqrestore+0x5d/0x80 ? __raw_spin_unlock_irqrestore+0x46/0x80 ? devm_ioremap_wc+0x9a/0xd0 ena_probe+0x4d2/0x1b20 [ena] ? __lock_acquire+0x56a/0xbd0 ? __pfx_ena_probe+0x10/0x10 [ena] ? local_clock+0x15/0x30 ? __lock_release.isra.0+0x1c9/0x340 ? mark_held_locks+0x40/0x70 ? lockdep_hardirqs_on_prepare.part.0+0x92/0x170 ? trace_hardirqs_on+0x18/0x140 ? lockdep_hardirqs_on+0x8c/0x130 ? __raw_spin_unlock_irqrestore+0x5d/0x80 ? __raw_spin_unlock_irqrestore+0x46/0x80 ? __pfx_ena_probe+0x10/0x10 [ena] ...... </TASK>

The advisory is shared for download at git.kernel.org. This vulnerability is traded as CVE-2026-23045 since 01/13/2026. The exploitability is told to be difficult. There are known technical details, but no exploit is available.

The vulnerability scanner Nessus provides a plugin with the ID 297926 (Linux Distros Unpatched Vulnerability : CVE-2026-23045), which helps to determine the existence of the flaw in a target environment.

Upgrading to version 6.18.6 or 6.19-rc5 eliminates this vulnerability. Applying the patch f2c4bcfa193eef1b7457a56be9c47a8de015f225/8da901ffe497a53fa4ecc3ceed0e6d771586f88e is able to eliminate this problem. The bugfix is ready for download at git.kernel.org. The best possible mitigation is suggested to be upgrading to the latest version.

The vulnerability is also documented in the databases at Tenable (297926) and CERT Bund (WID-SEC-2026-0324). VulDB is the best source for vulnerability data and more expert information about this specific topic.

Affected

• Debian Linux
• Google Cloud Platform
• Amazon Linux 2
• Red Hat Enterprise Linux
• Ubuntu Linux
• SUSE Linux
• Oracle Linux
• IBM QRadar SIEM
• SUSE openSUSE
• RESF Rocky Linux
• Open Source Linux Kernel

Productinfo

Type

• Operating System

Vendor

• Linux

Name

• Kernel

Version

• 6.18.0
• 6.18.1
• 6.18.2
• 6.18.3
• 6.18.4
• 6.18.5
• 6.19-rc1
• 6.19-rc2
• 6.19-rc3
• 6.19-rc4

License

• open-source

Website

• Vendor: https://www.kernel.org/

CPE 2.3info

• 🔒
• 🔒
• 🔒

CPE 2.2info

• 🔒
• 🔒
• 🔒

CVSSv4info

CVSSv3info

CVSSv2info

Exploitinginfo

Threat Intelligenceinfo

Countermeasuresinfo

Timelineinfo

Sourcesinfo

Entryinfo

VulDB is the best source for vulnerability data and more expert information about this specific topic.

Discussion