What is CVE-2026-23383?

CVE-2026-23383 is a high-severity vulnerability in Linux. CVSS score: 7.8/10. Published 2026-03-25.

How severe is CVE-2026-23383?

High severity. CVSS v3 base score is 7.8 out of 10.

Vulnerability in Linux

CVE-2026-23383

In the Linux kernel, the following vulnerability has been resolved: bpf, arm64: Force 8-byte alignment for JIT buffer to prevent atomic tearing struct bpf_plt contains a u64 target field. Currently, the BPF JIT allocator requests an alig…

EPSS: 0.000 (4.8th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 7.8 (High). Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H.

Affected products

Linux — versions b2ad54e1533e91449cb2a371e034942bd7882b58, 6.0, 0

References

git.kernel.org/stable/c/80ad264da02cc4aee718e799c2b79f0f834673dc
git.kernel.org/stable/c/519b1ad91de5bf7a496f2b858e9212db6328e1de
git.kernel.org/stable/c/66959ed481a474eaae278c7f6860a2a9b188a4d6
git.kernel.org/stable/c/ef06fd16d48704eac868441d98d4ef083d8f3d07

Frequently asked questions

What is CVE-2026-23383?: CVE-2026-23383 is a high-severity vulnerability in Linux. CVSS score: 7.8/10. Published 2026-03-25.
How severe is CVE-2026-23383?: High severity. CVSS v3 base score is 7.8 out of 10.