CVE-2026-23053Uncontrolled Resource Consumption in Linux

CWE-400Uncontrolled Resource Consumption7 documents6 sources
Severity
5.3MEDIUM
No vector
EPSS
0.0%
top 92.73%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
LinuxLinux KernelDebian Linux
Timeline
PublishedFeb 4

Description

In the Linux kernel, the following vulnerability has been resolved: NFS: Fix a deadlock involving nfs_release_folio() Wang Zhaolong reports a deadlock involving NFSv4.1 state recovery waiting on kthreadd, which is attempting to reclaim memory by calling nfs_release_folio(). The latter cannot make progress due to state recovery being needed. It seems that the only safe thing to do here is to kick off a writeback of the folio, without waiting for completion, or else kicking off an asynchronous

Affected Packages4 packages

Linuxlinux/linux_kernel6.3.06.6.130+2
Debianlinux/linux_kernel< 6.12.69-1+1
CVEListV5linux/linux96780ca55e3cbf4f150fd5a833a61492c9947b5ba4810f8beb0122f032f10735f98d257aa6064f4c+4
debiandebian/linux< linux 6.18.8-1 (forky)

🔴Vulnerability Details

3
OSV
CVE-2026-23053: In the Linux kernel, the following vulnerability has been resolved: NFS: Fix a deadlock involving nfs_release_folio() Wang Zhaolong reports a deadlock2026-02-04
OSV
NFS: Fix a deadlock involving nfs_release_folio()2026-02-04
GHSA
GHSA-89rw-2v88-2798: In the Linux kernel, the following vulnerability has been resolved: NFS: Fix a deadlock involving nfs_release_folio() Wang Zhaolong reports a deadlo2026-02-04

📋Vendor Advisories

2
Red Hat
kernel: Linux kernel: Denial of Service in NFSv4.1 client due to deadlock during memory reclaim2026-02-04
Debian
CVE-2026-23053: linux - In the Linux kernel, the following vulnerability has been resolved: NFS: Fix a ...2026

🕵️Threat Intelligence

1
Wiz
CVE-2026-23053 Impact, Exploitability, and Mitigation Steps | Wiz