CVE-2026-23420 — Unlock of a Resource that is not Locked in Linux

CWE-832 — Unlock of a Resource that is not Locked7 documents7 sources

Severity

5.5MEDIUM

No vector

EPSS

0.0%

top 90.94%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Linux Linux Kernel Debian Linux

Timeline

PublishedApr 3

Latest updateApr 19

Description

In the Linux kernel, the following vulnerability has been resolved: wifi: wlcore: Fix a locking bug Make sure that wl->mutex is locked before it is unlocked. This has been detected by the Clang thread-safety analyzer.

Affected Packages3 packages

▶Debianlinux/linux_kernel< 6.19.8-1

▶CVEListV5linux/linux45aa7f071b06c8481afed4c7b93e07c9584741e8 — 7ab511003c5ae3bf5364d7699a2e3ab1db513680+6

▶debiandebian/linux< linux 6.19.8-1 (forky)

🔴Vulnerability Details

VulDB

Linux Kernel up to 7.0-rc2 wifi denial of service (EUVD-2026-18637 / Nessus ID 304986)↗2026-04-19

▶

GHSA

GHSA-x5cv-7h6w-46hm: In the Linux kernel, the following vulnerability has been resolved: wifi: wlcore: Fix a locking bug Make sure that wl->mutex is locked before it is↗2026-04-03

▶

OSV

CVE-2026-23420: In the Linux kernel, the following vulnerability has been resolved: wifi: wlcore: Fix a locking bug Make sure that wl->mutex is locked before it is un↗2026-04-03

▶

📋Vendor Advisories

Red Hat

kernel: wifi: wlcore: Fix a locking bug↗2026-04-03

▶

Debian

CVE-2026-23420: linux - In the Linux kernel, the following vulnerability has been resolved: wifi: wlcor...↗2026

▶

🕵️Threat Intelligence

Wiz

CVE-2026-23420 Impact, Exploitability, and Mitigation Steps | Wiz↗

▶