CVE-2026-23223
N/A
N/A
Summary
In the Linux kernel, the following vulnerability has been resolved:
xfs: fix UAF in xchk_btree_check_block_owner
We cannot dereference bs->cur when trying to determine if bs->cur aliases bs->sc->sa.{bno,rmap}_cur after the latter has been freed. Fix this by sampling before type before any freeing could happen. The correct temporal ordering was broken when we removed xfs_btnum_t.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | ec793e690f801d97a7ae2a0d429fea1fee4d44aa < 1d411278dda293a507cb794db7d9ed3511c685c6 | affected |
| Linux | Linux | ec793e690f801d97a7ae2a0d429fea1fee4d44aa < ed82e7949f5cac3058f4100f3cd670531d41a266 | affected |
| Linux | Linux | ec793e690f801d97a7ae2a0d429fea1fee4d44aa < ba5264610423d9653aa36920520902d83841bcfd | affected |
| Linux | Linux | ec793e690f801d97a7ae2a0d429fea1fee4d44aa < 1c253e11225bc5167217897885b85093e17c2217 | affected |
| Linux | Linux | 6.9 | affected |
| Linux | Linux | 0 < 6.9 | unaffected |
| Linux | Linux | 6.12.72 <= 6.12.* | unaffected |
| Linux | Linux | 6.18.11 <= 6.18.* | unaffected |
| Linux | Linux | 6.19.1 <= 6.19.* | unaffected |
| Linux | Linux | 7.0 <= * | unaffected |
Weaknesses
References
- https://git.kernel.org/stable/c/1d411278dda293a507cb794db7d9ed3511c685c6
- https://git.kernel.org/stable/c/ed82e7949f5cac3058f4100f3cd670531d41a266
- https://git.kernel.org/stable/c/ba5264610423d9653aa36920520902d83841bcfd
- https://git.kernel.org/stable/c/1c253e11225bc5167217897885b85093e17c2217
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.