CVE-2026-23123
N/A
N/A
Summary
In the Linux kernel, the following vulnerability has been resolved:
interconnect: debugfs: initialize src_node and dst_node to empty strings
The debugfs_create_str() API assumes that the string pointer is either NULL or points to valid kmalloc() memory. Leaving the pointer uninitialized can cause problems.
Initialize src_node and dst_node to empty strings before creating the debugfs entries to guarantee that reads and writes are safe.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | 770c69f037c18cfaa37c3d6c6ef8bd257635513f < aa79a5a959c7c414bd6fba01ea8dbaddd44f13e7 | affected |
| Linux | Linux | 770c69f037c18cfaa37c3d6c6ef8bd257635513f < 935d0938b570589c8b0a1733d2cba3c39d027f25 | affected |
| Linux | Linux | 770c69f037c18cfaa37c3d6c6ef8bd257635513f < 5d7c7e1fb3ec24fdd0f9faa27b666d6789e891e8 | affected |
| Linux | Linux | 770c69f037c18cfaa37c3d6c6ef8bd257635513f < 8cc27f5c6dd17dd090f3a696683f04336c162ff5 | affected |
| Linux | Linux | 6.6 | affected |
| Linux | Linux | 0 < 6.6 | unaffected |
| Linux | Linux | 6.6.122 <= 6.6.* | unaffected |
| Linux | Linux | 6.12.68 <= 6.12.* | unaffected |
| Linux | Linux | 6.18.8 <= 6.18.* | unaffected |
| Linux | Linux | 6.19 <= * | unaffected |
Weaknesses
References
- https://git.kernel.org/stable/c/aa79a5a959c7c414bd6fba01ea8dbaddd44f13e7
- https://git.kernel.org/stable/c/935d0938b570589c8b0a1733d2cba3c39d027f25
- https://git.kernel.org/stable/c/5d7c7e1fb3ec24fdd0f9faa27b666d6789e891e8
- https://git.kernel.org/stable/c/8cc27f5c6dd17dd090f3a696683f04336c162ff5
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.