CVE-2026-23198

CWE-476NULL Pointer Dereference7 documents7 sources
Severity
5.5MEDIUM
EPSS
0.0%
top 96.86%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Linux LinuxLinux Linux Kernel
Timeline
PublishedFeb 14

Description

In the Linux kernel, the following vulnerability has been resolved: KVM: Don't clobber irqfd routing type when deassigning irqfd When deassigning a KVM_IRQFD, don't clobber the irqfd's copy of the IRQ's routing entry as doing so breaks kvm_arch_irq_bypass_del_producer() on x86 and arm64, which explicitly look for KVM_IRQ_ROUTING_MSI. Instead, to handle a concurrent routing update, verify that the irqfd is still active before consuming the routing information. As evidenced by the x86 and arm64

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages4 packages

NVDlinux/linux_kernel4.45.10.250+6
CVEListV5linux/linuxf70c20aaf141adb715a2d750c55154073b02a9c3959a063e7f12524bc1871ad1f519787967bbcd45+7
Debianlinux< 5.10.251-1+3
Debianlinux-6.1< 6.1.164-1~deb11u1

Patches

Patch: git.kernel.orgPatch: git.kernel.orgPatch: git.kernel.org

🔴Vulnerability Details

3
CVEList
KVM: Don't clobber irqfd routing type when deassigning irqfd2026-02-14
GHSA
GHSA-68jg-6v9h-662h: In the Linux kernel, the following vulnerability has been resolved: KVM: Don't clobber irqfd routing type when deassigning irqfd When deassigning a2026-02-14
OSV
CVE-2026-23198: In the Linux kernel, the following vulnerability has been resolved: KVM: Don't clobber irqfd routing type when deassigning irqfd When deassigning a KV2026-02-14

📋Vendor Advisories

2
Red Hat
kernel: KVM: Don't clobber irqfd routing type when deassigning irqfd2026-02-14
Debian
CVE-2026-23198: linux - In the Linux kernel, the following vulnerability has been resolved: KVM: Don't ...2026

🕵️Threat Intelligence

1
Wiz
CVE-2026-23198 Impact, Exploitability, and Mitigation Steps | Wiz
CVE-2026-23198 (MEDIUM CVSS 5.5) | In the Linux kernel | cvebase.io