CVE-2026-23059: Classic Buffer Overflow in Linux

Severity: 5.5 MEDIUM (no CVSS vector)
EPSS: 0.0% (top 92.73%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline: Published Feb 4

Description

In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Sanitize payload size to prevent member overflow In qla27xx_copy_fpin_pkt() and qla27xx_copy_multiple_pkt(), the frame_size reported by firmware is used to calculate the copy length into item->iocb. However, the iocb member is defined as a fixed-size 64-byte array within struct purex_item. If the reported frame_size exceeds 64 bytes, subsequent memcpy calls will overflow the iocb member boundary. While extra me
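The description above isolates one pattern: a firmware-reported frame_size becomes the length of a memcpy into the fixed 64-byte iocb member of struct purex_item, so any reported size above 64 writes past the member. The C block below is an added illustration written for this page, not the qla2xxx driver's code and not its fix; the struct layouts, the field and helper names (purex_entry, payload, canary, copy_pkt_unchecked, copy_pkt_sanitized) and the reject-on-oversize policy are assumptions for the example, and the real driver's size arithmetic and patch are not reproduced. It places the unchecked copy beside a bounded one and keeps a sentinel after iocb so the member overflow is observable without touching memory outside the struct.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Simplified stand-in for the driver's struct purex_item: iocb is a fixed
 * 64-byte array, as the description states. The trailing canary is an added
 * sentinel so the example can observe a write past iocb. */
#define IOCB_SIZE   64
#define CANARY_BYTE 0xA5

struct purex_item {
    uint16_t size;            /* bytes actually stored in iocb */
    uint8_t  iocb[IOCB_SIZE]; /* fixed-size copy target */
    uint8_t  canary[8];       /* sentinel immediately after iocb */
};

/* Assumed firmware-supplied entry: frame_size is controlled by the firmware
 * and must not be trusted as a copy length. */
struct purex_entry {
    uint16_t frame_size;
    uint8_t  payload[256];
};

static void item_init(struct purex_item *item)
{
    memset(item, 0, sizeof(*item));
    memset(item->canary, CANARY_BYTE, sizeof(item->canary));
}

/* Vulnerable pattern: the reported frame_size is the memcpy length with no
 * comparison against sizeof(item->iocb). */
void copy_pkt_unchecked(struct purex_item *item, const struct purex_entry *pkt)
{
    size_t len = pkt->frame_size;

    memcpy(item->iocb, pkt->payload, len);  /* overflows iocb when len > 64 */
    item->size = (uint16_t)len;
}

/* Sanitized pattern: bound the length by the destination member and reject
 * frames that do not fit. Returns 0 on success, -1 if the frame is dropped. */
int copy_pkt_sanitized(struct purex_item *item, const struct purex_entry *pkt)
{
    size_t len = pkt->frame_size;

    if (len > sizeof(item->iocb))
        return -1;              /* drop the frame; a real driver logs it */
    memcpy(item->iocb, pkt->payload, len);
    item->size = (uint16_t)len;
    return 0;
}

/* 1 if every canary byte still holds CANARY_BYTE, else 0. */
int canary_intact(const struct purex_item *item)
{
    size_t i;

    for (i = 0; i < sizeof(item->canary); i++)
        if (item->canary[i] != CANARY_BYTE)
            return 0;
    return 1;
}

/* Constructed frame (payload filled with 0x41) through the unchecked copy;
 * returns canary_intact(). Keep frame_size <= 72 so the overflow lands on the
 * canary inside the struct rather than beyond it. */
int canary_after_unchecked_copy(uint16_t frame_size)
{
    struct purex_entry pkt;
    struct purex_item item;

    memset(&pkt, 0x41, sizeof(pkt));
    pkt.frame_size = frame_size;
    item_init(&item);
    copy_pkt_unchecked(&item, &pkt);
    return canary_intact(&item);
}

/* Same constructed frame through the sanitized copy; returns its result and,
 * if intact is non-NULL, whether the canary survived. */
int sanitized_copy_result(uint16_t frame_size, int *intact)
{
    struct purex_entry pkt;
    struct purex_item item;
    int rc;

    memset(&pkt, 0x41, sizeof(pkt));
    pkt.frame_size = frame_size;
    item_init(&item);
    rc = copy_pkt_sanitized(&item, &pkt);
    if (intact)
        *intact = canary_intact(&item);
    return rc;
}

int canary_after_sanitized_copy(uint16_t frame_size)
{
    int intact = 0;

    sanitized_copy_result(frame_size, &intact);
    return intact;
}

int main(void)
{
    int rc, intact;

    printf("unchecked frame_size=64: canary intact=%d\n", canary_after_unchecked_copy(64));
    printf("unchecked frame_size=70: canary intact=%d\n", canary_after_unchecked_copy(70));
    rc = sanitized_copy_result(70, &intact);
    printf("sanitized frame_size=70: rc=%d canary intact=%d\n", rc, intact);
    return 0;
}
```

The check is deliberately against sizeof(item->iocb) rather than a separate constant, so the bound cannot drift from the member it protects. In a real driver the rejected frame should be logged with the reported size, and if the hardware's size field also carries flag or high bits, those must be masked off before the comparison; a bound check is only as good as the value it compares.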

Affected Packages (4 packages)

Ecosystem   Package               Affected range
Linux       linux/linux_kernel    6.6.0 to 6.6.122 (+2 more)
Debian      linux/linux_kernel    < 6.12.69-1 (+1 more)
CVEListV5   linux/linux           875386b98857822b77ac7f95bdf367b70af5b78c to 408bfa8d70f79ac696cec1bdbdfb3bf43a02e6d0 (+4 more)
debian      debian/linux          < linux 6.18.8-1 (forky)

🔴 Vulnerability Details (3)

OSV: scsi: qla2xxx: Sanitize payload size to prevent member overflow (2026-02-04)
OSV: CVE-2026-23059: In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Sanitize payload size to prevent member overflow In qla27xx_copy_fp (2026-02-04)
GHSA: GHSA-6mm8-fcwp-3g49: In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Sanitize payload size to prevent member overflow In qla27xx_copy_ (2026-02-04)

📋 Vendor Advisories (2)

Red Hat: kernel: scsi: qla2xxx: Sanitize payload size to prevent member overflow (2026-02-04)
Debian: CVE-2026-23059: linux - In the Linux kernel, the following vulnerability has been resolved: scsi: qla2x... (2026)

🕵️ Threat Intelligence (1)

Wiz: CVE-2026-23059 Impact, Exploitability, and Mitigation Steps | Wiz