Microsoft published security advisories for CVE-2026-23291 and CVE-2026-23319, two vulnerabilities affecting Linux kernel components tracked through the Security Update Guide. CVE-2026-23291 is tied to the nfc: pn533 driver and describes improper release of a USB interface reference during device disconnect, a flaw that can lead to resource-management and memory-safety issues in systems using the PN533 NFC stack.
The second issue, CVE-2026-23319, affects bpf and is described as a use-after-free bug in bpf_trampoline_link_cgroup_shim, pointing to a memory corruption risk in the eBPF subsystem. Together, the advisories highlight kernel-level weaknesses in both hardware interface handling and programmable packet-processing infrastructure, underscoring the need for organizations running affected Linux-based environments to review Microsoft guidance and apply relevant updates or downstream vendor patches.

Mallory correlates global threat intelligence with your attack surface — know if you’re exposed before adversaries strike.
1 event from the most recent confirmed update back to the earliest known activity.
Microsoft's Security Update Guide listed CVE-2026-23291, involving improper release of a USB interface reference in nfc: pn533 on disconnect, and CVE-2026-23319, a use-after-free issue in bpf_trampoline_link_cgroup_shim. Both advisories were published on the same date.
2 references tracked. Mallory keeps watching after this page renders.
msrc.microsoft.com
Open sourcemsrc.microsoft.com
Open sourceMap indicators from this story to your assets and identify affected systems in minutes.
Every observed campaign, victim, and pivot linked to actors named in this story.
Malware, exploits, and IOCs connected to the activity described here.
YARA, Sigma, and Snort rules deployed to your SIEM as soon as they’re published.
Get matching new stories delivered to your team as they break — not the next morning.
Ask questions about this story and take action on the answers.