CVE-2026-23419Deadlock in Linux

CWE-833Deadlock6 documents6 sources
Severity
5.5MEDIUM
No vector
EPSS
0.0%
top 93.71%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
LinuxLinux KernelDebian Linux
Timeline
PublishedApr 3

Description

In the Linux kernel, the following vulnerability has been resolved: net/rds: Fix circular locking dependency in rds_tcp_tune syzbot reported a circular locking dependency in rds_tcp_tune() where sk_net_refcnt_upgrade() is called while holding the socket lock: WARNING: possible circular locking dependency detected kworker/u10:8/15040 is trying to acquire lock: ffffffff8e9aaf80 (fs_reclaim){+.+.}-{0:0}, at: __kmalloc_cache_noprof+0x4b/0x6f0 but task is already holding lock: ffff88805a3c1ce0 (k

Affected Packages3 packages

Debianlinux/linux_kernel< 6.19.8-1
CVEListV5linux/linux3a58f13a881ed351198ffab4cf9953cf19d2ab3a8babb271403378ba6836f6c8599c5313d0e2355d+6
debiandebian/linux< linux 6.19.8-1 (forky)

🔴Vulnerability Details

2
GHSA
GHSA-x244-gjj6-jc73: In the Linux kernel, the following vulnerability has been resolved: net/rds: Fix circular locking dependency in rds_tcp_tune syzbot reported a circu2026-04-03
OSV
CVE-2026-23419: In the Linux kernel, the following vulnerability has been resolved: net/rds: Fix circular locking dependency in rds_tcp_tune syzbot reported a circula2026-04-03

📋Vendor Advisories

2
Red Hat
kernel: net/rds: Fix circular locking dependency in rds_tcp_tune2026-04-03
Debian
CVE-2026-23419: linux - In the Linux kernel, the following vulnerability has been resolved: net/rds: Fi...2026

🕵️Threat Intelligence

1
Wiz
CVE-2026-23419 Impact, Exploitability, and Mitigation Steps | Wiz