CVE-2026-23161
Severity
4.7MEDIUM
EPSS
0.0%
top 97.65%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedFeb 14
Latest updateApr 13
Description
In the Linux kernel, the following vulnerability has been resolved:
mm/shmem, swap: fix race of truncate and swap entry split
The helper for shmem swap freeing is not handling the order of swap
entries correctly. It uses xa_cmpxchg_irq to erase the swap entry, but it
gets the entry order before that using xa_get_order without lock
protection, and it may get an outdated order value if the entry is split
or changed in other ways after the xa_get_order and before the
xa_cmpxchg_irq.
And besides,…
CVSS vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:HExploitability: 1.8 | Impact: 5.5
Affected Packages3 packages
▶CVEListV5linux/linux809bc86517cc408b5b8cb8e08e69096639432bc8 — a99f9a4669a04662c8f9efe0e62cafc598153139+3
Patches
🔴Vulnerability Details
4VulDB▶
Linux Kernel up to 6.12.68/6.18.8 xa_cmpxchg_irq denial of service (Nessus ID 299232 / WID-SEC-2026-0421)↗2026-04-13
OSV▶
CVE-2026-23161: In the Linux kernel, the following vulnerability has been resolved: mm/shmem, swap: fix race of truncate and swap entry split The helper for shmem swa↗2026-02-14
GHSA▶
GHSA-4rgv-cpg8-f3hr: In the Linux kernel, the following vulnerability has been resolved:
mm/shmem, swap: fix race of truncate and swap entry split
The helper for shmem s↗2026-02-14