cve-2026-23378

CVE-2026-23378 is a Linux kernel vulnerability in the act_ife traffic-control action. The bug occurs in the metalist handling path, where replacing an ife action can append new metadata instead of replacing old entries, causing the list to grow without bound. This leads to a slab-out-of-bounds write during encoding in ife_tlv_meta_encode(), as confirmed by KASAN evidence. The issue is a state-management mistake that results in a concrete memory safety failure. Discussions on WindowsForum cover the technical details of the flaw, its impact on kernel stability, and potential mitigations.