Linux Kernel: bonding.datarace on slave->last_rx (KCSAN)
CVE-2026-23212 Published on February 18, 2026
bonding: annotate data-races around slave->last_rx
In the Linux kernel, the following vulnerability has been resolved:
bonding: annotate data-races around slave->last_rx
slave->last_rx and slave->target_last_arp_rx[...] can be read and written
locklessly. Add READ_ONCE() and WRITE_ONCE() annotations.
syzbot reported:
BUG: KCSAN: data-race in bond_rcv_validate / bond_rcv_validate
write to 0xffff888149f0d428 of 8 bytes by interrupt on cpu 1:
bond_rcv_validate+0x202/0x7a0 drivers/net/bonding/bond_main.c:3335
bond_handle_frame+0xde/0x5e0 drivers/net/bonding/bond_main.c:1533
__netif_receive_skb_core+0x5b1/0x1950 net/core/dev.c:6039
__netif_receive_skb_one_core net/core/dev.c:6150 [inline]
__netif_receive_skb+0x59/0x270 net/core/dev.c:6265
netif_receive_skb_internal net/core/dev.c:6351 [inline]
netif_receive_skb+0x4b/0x2d0 net/core/dev.c:6410
...
write to 0xffff888149f0d428 of 8 bytes by interrupt on cpu 0:
bond_rcv_validate+0x202/0x7a0 drivers/net/bonding/bond_main.c:3335
bond_handle_frame+0xde/0x5e0 drivers/net/bonding/bond_main.c:1533
__netif_receive_skb_core+0x5b1/0x1950 net/core/dev.c:6039
__netif_receive_skb_one_core net/core/dev.c:6150 [inline]
__netif_receive_skb+0x59/0x270 net/core/dev.c:6265
netif_receive_skb_internal net/core/dev.c:6351 [inline]
netif_receive_skb+0x4b/0x2d0 net/core/dev.c:6410
br_netif_receive_skb net/bridge/br_input.c:30 [inline]
NF_HOOK include/linux/netfilter.h:318 [inline]
...
value changed: 0x0000000100005365 -> 0x0000000100005366
Products Associated with CVE-2026-23212
You can be notified by email with stack.watch whenever vulnerabilities like CVE-2026-23212 are published in Linux Kernel:
Affected Versions
Linux:- Version f5b2b966f032f22d3a289045a5afd4afa09f09c6 and below a7516cb0165926d308187e231ccd330e5e3ebff7 is affected.
- Version f5b2b966f032f22d3a289045a5afd4afa09f09c6 and below 8c0be3277e7aefb2f900fc37ca3fe7df362e26f5 is affected.
- Version f5b2b966f032f22d3a289045a5afd4afa09f09c6 and below b956289b83887e0a306067b6003c3fcd81bfdf84 is affected.
- Version f5b2b966f032f22d3a289045a5afd4afa09f09c6 and below bd98324e327e41de04b13e372cc16f73150df254 is affected.
- Version f5b2b966f032f22d3a289045a5afd4afa09f09c6 and below f6c3665b6dc53c3ab7d31b585446a953a74340ef is affected.
- Version 2.6.19 is affected.
- Before 2.6.19 is unaffected.
- Version 6.1.162, <= 6.1.* is unaffected.
- Version 6.6.123, <= 6.6.* is unaffected.
- Version 6.12.69, <= 6.12.* is unaffected.
- Version 6.18.9, <= 6.18.* is unaffected.
- Version 6.19, <= * is unaffected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.