CVE-2026-23195

CWE-416Use After FreeCWE-9117 documents7 sources
Severity
7.8HIGH
EPSS
0.0%
top 96.10%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Linux LinuxLinux Linux Kernel
Timeline
PublishedFeb 14

Description

In the Linux kernel, the following vulnerability has been resolved: cgroup/dmem: avoid pool UAF An UAF issue was observed: BUG: KASAN: slab-use-after-free in page_counter_uncharge+0x65/0x150 Write of size 8 at addr ffff888106715440 by task insmod/527 CPU: 4 UID: 0 PID: 527 Comm: insmod 6.19.0-rc7-next-20260129+ #11 Tainted: [O]=OOT_MODULE Call Trace: dump_stack_lvl+0x82/0xd0 kasan_report+0xca/0x100 kasan_check_range+0x39/0x1c0 page_counter_uncharge+0x65/0x150 dmem_cgroup_uncharge+0x1f/0x260

CVSS vector

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.0 | Impact: 5.9

Affected Packages3 packages

NVDlinux/linux_kernel6.146.18.10+1
CVEListV5linux/linuxb168ed458ddecc176f3b9a1f4bcd83d7a4541c14d3081353acaa6a638dcf75726066ea556a2de8d5+2
Debianlinux< 6.18.10-1

Patches

Patch: git.kernel.orgPatch: git.kernel.org

🔴Vulnerability Details

3
CVEList
cgroup/dmem: avoid pool UAF2026-02-14
GHSA
GHSA-xcg5-9p3p-fgrj: In the Linux kernel, the following vulnerability has been resolved: cgroup/dmem: avoid pool UAF An UAF issue was observed: BUG: KASAN: slab-use-aft2026-02-14
OSV
CVE-2026-23195: In the Linux kernel, the following vulnerability has been resolved: cgroup/dmem: avoid pool UAF An UAF issue was observed: BUG: KASAN: slab-use-after-2026-02-14

📋Vendor Advisories

2
Red Hat
kernel: cgroup/dmem: avoid pool UAF2026-02-14
Debian
CVE-2026-23195: linux - In the Linux kernel, the following vulnerability has been resolved: cgroup/dmem...2026

🕵️Threat Intelligence

1
Wiz
CVE-2026-23195 Impact, Exploitability, and Mitigation Steps | Wiz
CVE-2026-23195 (HIGH CVSS 7.8) | In the Linux kernel | cvebase.io