CVE-2026-23177Infinite Loop in Linux

CWE-835Infinite Loop7 documents6 sources
Severity
5.5MEDIUM
No vector
EPSS
0.0%
top 93.64%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
LinuxLinux KernelDebian Linux
Timeline
PublishedFeb 14

Description

In the Linux kernel, the following vulnerability has been resolved: mm, shmem: prevent infinite loop on truncate race When truncating a large swap entry, shmem_free_swap() returns 0 when the entry's index doesn't match the given index due to lookup alignment. The failure fallback path checks if the entry crosses the end border and aborts when it happens, so truncate won't erase an unexpected entry or range. But one scenario was ignored. When `index` points to the middle of a large swap entry,

Affected Packages4 packages

Linuxlinux/linux_kernel6.12.06.12.70+1
Debianlinux/linux_kernel< 6.12.73-1+1
CVEListV5linux/linux809bc86517cc408b5b8cb8e08e69096639432bc8dfc3ab6bd64860f8022d69903be299d09be86e11+3
debiandebian/linux< linux 6.18.10-1 (forky)

🔴Vulnerability Details

3
OSV
mm, shmem: prevent infinite loop on truncate race2026-02-14
GHSA
GHSA-xwq7-47qj-qwwf: In the Linux kernel, the following vulnerability has been resolved: mm, shmem: prevent infinite loop on truncate race When truncating a large swap e2026-02-14
OSV
CVE-2026-23177: In the Linux kernel, the following vulnerability has been resolved: mm, shmem: prevent infinite loop on truncate race When truncating a large swap ent2026-02-14

📋Vendor Advisories

2
Red Hat
kernel: mm, shmem: prevent infinite loop on truncate race2026-02-14
Debian
CVE-2026-23177: linux - In the Linux kernel, the following vulnerability has been resolved: mm, shmem: ...2026

🕵️Threat Intelligence

1
Wiz
CVE-2026-23177 Impact, Exploitability, and Mitigation Steps | Wiz