CVE-2026-23251

Published: Mar 18, 2026

Modified: May 11, 2026

PUBLISHED

Description

In the Linux kernel, the following vulnerability has been resolved: xfs: only call xf{array,blob}_destroy if we have a valid pointer Only call the xfarray and xfblob destructor if we have a valid pointer, and be sure to null out that pointer afterwards. Note that this patch fixes a large number of commits, most of which were merged between 6.9 and 6.10.

Vendor	Product	Versions
Linux	Linux	affected `ab97f4b1c030750f2475bf4da8a9554d02206640 - < 5de5be3ed7e7fa4ebde4f4b58fb9a629644f9202` affected `ab97f4b1c030750f2475bf4da8a9554d02206640 - < c9ccefacae0d8091683447bc338bd7741417039d` affected `ab97f4b1c030750f2475bf4da8a9554d02206640 - < d827612c81a26cc1dd83a211cfcb5ad8765da0c4` affected `ab97f4b1c030750f2475bf4da8a9554d02206640 - < ba408d299a3bb3c5309f40c5326e4fb83ead4247`
Linux	Linux	affected `6.10` unaffected `0 - < 6.10` unaffected `6.12.75 - <= 6.12.` unaffected `6.18.16 - <= 6.18.` unaffected `6.19.6 - <= 6.19.*` +1 more versions

References

https://git.kernel.org/stable/c/5de5be3ed7e7fa4ebde4f4b58fb9a629644f9202

https://git.kernel.org/stable/c/c9ccefacae0d8091683447bc338bd7741417039d

https://git.kernel.org/stable/c/d827612c81a26cc1dd83a211cfcb5ad8765da0c4

https://git.kernel.org/stable/c/ba408d299a3bb3c5309f40c5326e4fb83ead4247

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2026-23251

Description

Affected Products

References