CVE-2026-23002NULL Pointer Dereference in Linux

CWE-476NULL Pointer Dereference7 documents6 sources
Severity
5.5MEDIUMNVD
EPSS
0.0%
top 95.77%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
LinuxLinux KernelDebian Linux
Timeline
PublishedJan 25

Description

In the Linux kernel, the following vulnerability has been resolved: lib/buildid: use __kernel_read() for sleepable context Prevent a "BUG: unable to handle kernel NULL pointer dereference in filemap_read_folio". For the sleepable context, convert freader to use __kernel_read() instead of direct page cache access via read_cache_folio(). This simplifies the faultable code path by using the standard kernel file reading interface which handles all the complexity of reading file data. At the mome

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

Affected Packages5 packages

Linuxlinux/linux_kernel6.12.06.12.67+1
NVDlinux/linux_kernel6.12.16.12.67+3
Debianlinux/linux_kernel< 6.12.69-1+1
CVEListV5linux/linuxad41251c290dfe3c01472c94d2439a59de23fe97b11dfb7708f212b96c7973a474014c071aa02e05+3
debiandebian/linux< linux 6.18.8-1 (forky)

Patches

Patch: git.kernel.orgPatch: git.kernel.orgPatch: git.kernel.org

🔴Vulnerability Details

3
OSV
CVE-2026-23002: In the Linux kernel, the following vulnerability has been resolved: lib/buildid: use __kernel_read() for sleepable context Prevent a "BUG: unable to h2026-01-25
GHSA
GHSA-g95h-2j46-jx6w: In the Linux kernel, the following vulnerability has been resolved: lib/buildid: use __kernel_read() for sleepable context Prevent a "BUG: unable to2026-01-25
OSV
lib/buildid: use __kernel_read() for sleepable context2026-01-25

📋Vendor Advisories

2
Red Hat
kernel: lib/buildid: use __kernel_read() for sleepable context2026-01-25
Debian
CVE-2026-23002: linux - In the Linux kernel, the following vulnerability has been resolved: lib/buildid...2026

🕵️Threat Intelligence

1
Wiz
CVE-2026-23002 Impact, Exploitability, and Mitigation Steps | Wiz