CVE-2026-23251

Enriched by CISA
 

In the Linux kernel, the following vulnerability has been resolved: xfs: only call xf{array,blob}_destroy if we have a valid pointer Only call the xfarray and xfblob destructor if we have a valid pointer, and be sure to null out that pointer afterwards. Note that this patch fixes a large number of commits, most of which were merged between 6.9 and 6.10.
https://nvd.nist.gov/vuln/detail/CVE-2026-23251

Categories

No category defined

References


 

AFFECTED (from MITRE)

Vendor Product Versions
Linux Linux
  • ab97f4b1c030750f2475bf4da8a9554d02206640 < 5de5be3ed7e7fa4ebde4f4b58fb9a629644f9202 [affected]
  • ab97f4b1c030750f2475bf4da8a9554d02206640 < c9ccefacae0d8091683447bc338bd7741417039d [affected]
  • ab97f4b1c030750f2475bf4da8a9554d02206640 < d827612c81a26cc1dd83a211cfcb5ad8765da0c4 [affected]
  • ab97f4b1c030750f2475bf4da8a9554d02206640 < ba408d299a3bb3c5309f40c5326e4fb83ead4247 [affected]
Linux Linux
  • 6.10 [affected]
  • < 6.10 [unaffected]
  • 6.12.75 ≤ 6.12.* [unaffected]
  • 6.18.16 ≤ 6.18.* [unaffected]
  • 6.19.6 ≤ 6.19.* [unaffected]
  • 7.0-rc1 ≤ * [unaffected]
© 2022 The MITRE Corporation. This work is reproduced and distributed with the permission of The MITRE Corporation.

CPE

cpe start end
Configuration 1
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* >= 6.10 < 6.12.75
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* >= 6.10 < 6.18.16
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* >= 6.10 < 6.19.6
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* >= 6.10 < 7.0-rc1

REMEDIATION


EXPLOITS

Exploit-db.com

id description date
No known exploits

POC Github

Url
No known exploits

Other Nist (github, ...)

Url
No known exploits

CAPEC

Common Attack Pattern Enumerations and Classifications

id description severity
No entry