CVE-2026-23087

Summary

In the Linux kernel, the following vulnerability has been resolved:

scsi: xen: scsiback: Fix potential memory leak in scsiback_remove()

Memory allocated for struct vscsiblk_info in scsiback_probe() is not freed in scsiback_remove() leading to potential memory leaks on remove, as well as in the scsiback_probe() error paths. Fix that by freeing it in scsiback_remove().

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxd9d660f6e562a47b4065eeb7e538910b0471b988 < a8bb3ec8d85951a56af0a72d93ccbc2aee42eef9affected
LinuxLinuxd9d660f6e562a47b4065eeb7e538910b0471b988 < 427b0fb30ddec3bad05dcd73b00718f98c7026d2affected
LinuxLinuxd9d660f6e562a47b4065eeb7e538910b0471b988 < 4a975c72429b050c234405668b742cdecc11548eaffected
LinuxLinuxd9d660f6e562a47b4065eeb7e538910b0471b988 < f86264ec0e2b102fcd49bf3e4f32fee669d482fcaffected
LinuxLinuxd9d660f6e562a47b4065eeb7e538910b0471b988 < 32e52b56056daf0f0881fd9254706acf25b4be97affected
LinuxLinuxd9d660f6e562a47b4065eeb7e538910b0471b988 < 24c441f0e24da175d7912095663f526ac480dc4faffected
LinuxLinuxd9d660f6e562a47b4065eeb7e538910b0471b988 < 901a5f309daba412e2a30364d7ec1492fa11c32caffected
LinuxLinux3.18affected
LinuxLinux0 < 3.18unaffected
LinuxLinux5.10.249 <= 5.10.*unaffected
LinuxLinux5.15.199 <= 5.15.*unaffected
LinuxLinux6.1.162 <= 6.1.*unaffected
LinuxLinux6.6.122 <= 6.6.*unaffected
LinuxLinux6.12.68 <= 6.12.*unaffected
LinuxLinux6.18.8 <= 6.18.*unaffected
LinuxLinux6.19 <= *unaffected

Weaknesses

References