CVE-2026-23296
N/A
Summary
In the Linux kernel, the following vulnerability has been resolved:
scsi: core: Fix refcount leak for tagset_refcnt
This leak will cause a hang when tearing down the SCSI host. For example, iscsid hangs with the following call trace:
[130120.652718] scsi_alloc_sdev: Allocation failure during SCSI scanning, some SCSI devices might not be configured
PID: 2528 TASK: ffff9d0408974e00 CPU: 3 COMMAND: "iscsid" #0 [ffffb5b9c134b9e0] __schedule at ffffffff860657d4 #1 [ffffb5b9c134ba28] schedule at ffffffff86065c6f #2 [ffffb5b9c134ba40] schedule_timeout at ffffffff86069fb0 #3 [ffffb5b9c134bab0] __wait_for_common at ffffffff8606674f #4 [ffffb5b9c134bb10] scsi_remove_host at ffffffff85bfe84b #5 [ffffb5b9c134bb30] iscsi_sw_tcp_session_destroy at ffffffffc03031c4 [iscsi_tcp] #6 [ffffb5b9c134bb48] iscsi_if_recv_msg at ffffffffc0292692 [scsi_transport_iscsi] #7 [ffffb5b9c134bb98] iscsi_if_rx at ffffffffc02929c2 [scsi_transport_iscsi] #8 [ffffb5b9c134bbf0] netlink_unicast at ffffffff85e551d6 #9 [ffffb5b9c134bc38] netlink_sendmsg at ffffffff85e554ef
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | f818708eeeae793e12dc39f8984ed7732048a7d9 < 0e274674714427dc578bb99db5b86e312d2b57f8 | affected |
| Linux | Linux | 8fe4ce5836e932f5766317cb651c1ff2a4cd0506 < 9f5e4abed9248448aa1b45b12ab0bea4d329b56a | affected |
| Linux | Linux | 8fe4ce5836e932f5766317cb651c1ff2a4cd0506 < 7c01b680beaf4d3143866b062b8e770e8b237fb8 | affected |
| Linux | Linux | 8fe4ce5836e932f5766317cb651c1ff2a4cd0506 < ec5c17c687b189dbc09dfdec11b669caa40bc395 | affected |
| Linux | Linux | 8fe4ce5836e932f5766317cb651c1ff2a4cd0506 < 944a333c8e4d42256556c1d2ebb6d773a33e0dcd | affected |
| Linux | Linux | 8fe4ce5836e932f5766317cb651c1ff2a4cd0506 < a03d96598d39fdf605d90731db3ef3b13fb8bdc8 | affected |
| Linux | Linux | 8fe4ce5836e932f5766317cb651c1ff2a4cd0506 < 1ac22c8eae81366101597d48360718dff9b9d980 | affected |
| Linux | Linux | 5ce8fad941233e81f2afb5b52a3fcddd3ba8732f | affected |
| Linux | Linux | 2e7eb4c1e8af8385de22775bd0be552f59b28c9a | affected |
| Linux | Linux | 5.15.164 < 5.15.203 | affected |
| Linux | Linux | 5.10.223 < 5.11 | affected |
| Linux | Linux | 5.19.12 < 5.20 | affected |
| Linux | Linux | 6.0 | affected |
| Linux | Linux | 0 < 6.0 | unaffected |
| Linux | Linux | 5.15.203 <= 5.15.* | unaffected |
| Linux | Linux | 6.1.167 <= 6.1.* | unaffected |
| Linux | Linux | 6.6.130 <= 6.6.* | unaffected |
| Linux | Linux | 6.12.77 <= 6.12.* | unaffected |
| Linux | Linux | 6.18.17 <= 6.18.* | unaffected |
| Linux | Linux | 6.19.7 <= 6.19.* | unaffected |
| Linux | Linux | 7.0 <= * | unaffected |
Weaknesses
References
- https://git.kernel.org/stable/c/0e274674714427dc578bb99db5b86e312d2b57f8
- https://git.kernel.org/stable/c/9f5e4abed9248448aa1b45b12ab0bea4d329b56a
- https://git.kernel.org/stable/c/7c01b680beaf4d3143866b062b8e770e8b237fb8
- https://git.kernel.org/stable/c/ec5c17c687b189dbc09dfdec11b669caa40bc395
- https://git.kernel.org/stable/c/944a333c8e4d42256556c1d2ebb6d773a33e0dcd
- https://git.kernel.org/stable/c/a03d96598d39fdf605d90731db3ef3b13fb8bdc8
- https://git.kernel.org/stable/c/1ac22c8eae81366101597d48360718dff9b9d980
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.