CVE-2026-23223

Published: Feb 18, 2026

Modified: May 11, 2026

PUBLISHED

Description

In the Linux kernel, the following vulnerability has been resolved: xfs: fix UAF in xchk_btree_check_block_owner We cannot dereference bs->cur when trying to determine if bs->cur aliases bs->sc->sa.{bno,rmap}_cur after the latter has been freed. Fix this by sampling before type before any freeing could happen. The correct temporal ordering was broken when we removed xfs_btnum_t.

Vendor	Product	Versions
Linux	Linux	affected `ec793e690f801d97a7ae2a0d429fea1fee4d44aa - < 1d411278dda293a507cb794db7d9ed3511c685c6` affected `ec793e690f801d97a7ae2a0d429fea1fee4d44aa - < ed82e7949f5cac3058f4100f3cd670531d41a266` affected `ec793e690f801d97a7ae2a0d429fea1fee4d44aa - < ba5264610423d9653aa36920520902d83841bcfd` affected `ec793e690f801d97a7ae2a0d429fea1fee4d44aa - < 1c253e11225bc5167217897885b85093e17c2217`
Linux	Linux	affected `6.9` unaffected `0 - < 6.9` unaffected `6.12.72 - <= 6.12.` unaffected `6.18.11 - <= 6.18.` unaffected `6.19.1 - <= 6.19.*` +1 more versions

References

https://git.kernel.org/stable/c/1d411278dda293a507cb794db7d9ed3511c685c6

https://git.kernel.org/stable/c/ed82e7949f5cac3058f4100f3cd670531d41a266

https://git.kernel.org/stable/c/ba5264610423d9653aa36920520902d83841bcfd

https://git.kernel.org/stable/c/1c253e11225bc5167217897885b85093e17c2217

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2026-23223

Description

Affected Products

References