CVE-2026-23434
Published: Apr 3, 2026
Modified: May 11, 2026
CVSS v3.1
7.1
Description
In the Linux kernel, the following vulnerability has been resolved: mtd: rawnand: serialize lock/unlock against other NAND operations nand_lock() and nand_unlock() call into chip->ops.lock_area/unlock_area without holding the NAND device lock. On controllers that implement SET_FEATURES via multiple low-level PIO commands, these can race with concurrent UBI/UBIFS background erase/write operations that hold the device lock, resulting in cmd_pending conflicts on the NAND controller. Add nand_get_device()/nand_release_device() around the lock/unlock operations to serialize them against all other NAND controller access.
| Vendor | Product | Versions |
|---|---|---|
Linux | Linux | affected 92270086b7e5ada7ab381c06cc3da2e95ed17088 - < 28ea836cc44cb8b89c1c174707ead0c1133c60e9affected 92270086b7e5ada7ab381c06cc3da2e95ed17088 - < fe4a73c3dd48308149d57a10c2761e1d36ced7baaffected 92270086b7e5ada7ab381c06cc3da2e95ed17088 - < ce5229e78078e437704157eb542f43a6f83b429baffected 92270086b7e5ada7ab381c06cc3da2e95ed17088 - < a80291e577b44593a724d6cd64c14337c78f194daffected 92270086b7e5ada7ab381c06cc3da2e95ed17088 - < f71ce0ae5aefe39dd5b2f996c0e08550d2153ad2+3 more versions |
Linux | Linux | affected 5.7unaffected 0 - < 5.7unaffected 5.10.253 - <= 5.10.*unaffected 5.15.203 - <= 5.15.*unaffected 6.1.167 - <= 6.1.*+5 more versions |
CVSS v3.1 Details
CVSS v3.1 Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now