CVE-2026-23216
Severity
7.8HIGH
EPSS
0.0%
top 97.67%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedFeb 18
Description
In the Linux kernel, the following vulnerability has been resolved:
scsi: target: iscsi: Fix use-after-free in iscsit_dec_conn_usage_count()
In iscsit_dec_conn_usage_count(), the function calls complete() while
holding the conn->conn_usage_lock. As soon as complete() is invoked, the
waiter (such as iscsit_close_connection()) may wake up and proceed to free
the iscsit_conn structure.
If the waiter frees the memory before the current thread reaches
spin_unlock_bh(), it results in a KASAN slab-u…
CVSS vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9
Affected Packages4 packages
▶CVEListV5linux/linuxe48354ce078c079996f89d715dfa44814b4eba01 — ba684191437380a07b27666eb4e72748be1ea201+7
Patches
🔴Vulnerability Details
3OSV▶
CVE-2026-23216: In the Linux kernel, the following vulnerability has been resolved: scsi: target: iscsi: Fix use-after-free in iscsit_dec_conn_usage_count() In iscsit↗2026-02-18
GHSA▶
GHSA-jfq5-qg8x-7rmp: In the Linux kernel, the following vulnerability has been resolved:
scsi: target: iscsi: Fix use-after-free in iscsit_dec_conn_usage_count()
In iscs↗2026-02-18
📋Vendor Advisories
3Debian▶
CVE-2026-23216: linux - In the Linux kernel, the following vulnerability has been resolved: scsi: targe...↗2026
🕵️Threat Intelligence
1💬Community
1Bugzilla▶
CVE-2026-23216 kernel: scsi: target: iscsi: Fix use-after-free in iscsit_dec_conn_usage_count()↗2026-02-18