CVE-2026-23472Use of Function with Inconsistent Implementations in Linux

CWE-474Use of Function with Inconsistent Implementations7 documents7 sources
Severity
5.5MEDIUM
No vector
EPSS
0.0%
top 94.14%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
4
LinuxLinux KernelDebian Linux+1 more
Timeline
PublishedApr 3

Description

In the Linux kernel, the following vulnerability has been resolved: serial: core: fix infinite loop in handle_tx() for PORT_UNKNOWN uart_write_room() and uart_write() behave inconsistently when xmit_buf is NULL (which happens for PORT_UNKNOWN ports that were never properly initialized): - uart_write_room() returns kfifo_avail() which can be > 0 - uart_write() checks xmit_buf and returns 0 if NULL This inconsistency causes an infinite loop in drivers that rely on tty_write_room() to determine

Affected Packages4 packages

Debianlinux/linux_kernel< 6.19.10-1
CVEListV5linux/linux1da177e4c3f41524e886b7f1b8a0c1fc7321cac2efe85a557186b7fe915572ae93a8f3f78bfd9a22+3
debiandebian/linux< linux 6.19.10-1 (forky)

🔴Vulnerability Details

2
OSV
CVE-2026-23472: In the Linux kernel, the following vulnerability has been resolved: serial: core: fix infinite loop in handle_tx() for PORT_UNKNOWN uart_write_room()2026-04-03
GHSA
GHSA-xx77-8cp4-rx22: In the Linux kernel, the following vulnerability has been resolved: serial: core: fix infinite loop in handle_tx() for PORT_UNKNOWN uart_write_room(2026-04-03

📋Vendor Advisories

3
Red Hat
kernel: serial: core: fix infinite loop in handle_tx() for PORT_UNKNOWN2026-04-03
Microsoft
serial: core: fix infinite loop in handle_tx() for PORT_UNKNOWN2026-04-02
Debian
CVE-2026-23472: linux - In the Linux kernel, the following vulnerability has been resolved: serial: cor...2026

🕵️Threat Intelligence

1
Wiz
CVE-2026-23472 Impact, Exploitability, and Mitigation Steps | Wiz
CVE-2026-23472 — Linux vulnerability | cvebase