CVE-2026-23360

Summary

In the Linux kernel, the following vulnerability has been resolved:

nvme: fix admin queue leak on controller reset

When nvme_alloc_admin_tag_set() is called during a controller reset, a previous admin queue may still exist. Release it properly before allocating a new one to avoid orphaning the old queue.

This fixes a regression introduced by commit 03b3bcd319b3 ("nvme: fix admin request_queue lifetime").

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxff037b5f47eeccc1636c03f84cd47db094eb73c9 < 089a6f17881a82c6c6e05f8564a867be0767eadeaffected
LinuxLinux4896491c497226022626c3acc46044fd182f943c < 6e28bab900e40e4d610b04f9f82e01983d8fb356affected
LinuxLinuxa505f0ba36ab24176c300d7ff56aff85c2977e6c < 2efbc838a26d3da72d8fe05770bdf869d4ca3ac5affected
LinuxLinuxe8061d02b49c5c901980f58d91e96580e9a14acf < 64f87b96de0e645a4c066c7cffd753f334446db6affected
LinuxLinux03b3bcd319b3ab5182bc9aaa0421351572c78ac0 < e159eb852aeee95443a9458ecb7d072bbb689913affected
LinuxLinux03b3bcd319b3ab5182bc9aaa0421351572c78ac0 < 8eb2b3cdcd9b6631b94b82c1f4f6bc32b40d942faffected
LinuxLinux03b3bcd319b3ab5182bc9aaa0421351572c78ac0 < b84bb7bd913d8ca2f976ee6faf4a174f91c02b8daffected
LinuxLinuxe7dac681790556c131854b97551337aa8042215baffected
LinuxLinux6.1.167 < 6.1.168affected
LinuxLinux6.6.120 < 6.6.131affected
LinuxLinux6.12.62 < 6.12.77affected
LinuxLinux6.17.12 < 6.18affected
LinuxLinux6.18affected
LinuxLinux0 < 6.18unaffected
LinuxLinux6.1.168 <= 6.1.*unaffected
LinuxLinux6.6.131 <= 6.6.*unaffected
LinuxLinux6.12.77 <= 6.12.*unaffected
LinuxLinux6.18.17 <= 6.18.*unaffected
LinuxLinux6.19.7 <= 6.19.*unaffected
LinuxLinux7.0 <= *unaffected

Weaknesses

References