CVE-2026-23474Buffer Access with Incorrect Length Value in Linux

CWE-805Buffer Access with Incorrect Length Value6 documents6 sources
Severity
6.9MEDIUM
No vector
EPSS
0.0%
top 88.12%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
LinuxLinux KernelDebian Linux
Timeline
PublishedApr 3

Description

In the Linux kernel, the following vulnerability has been resolved: mtd: Avoid boot crash in RedBoot partition table parser Given CONFIG_FORTIFY_SOURCE=y and a recent compiler, commit 439a1bcac648 ("fortify: Use __builtin_dynamic_object_size() when available") produces the warning below and an oops. Searching for RedBoot partition table in 50000000.flash at offset 0x7e0000 ------------[ cut here ]------------ WARNING: lib/string_helpers.c:1035 at 0xc029e04c, CPU#0: swapper/0/1 memcmp: detecte

Affected Packages3 packages

Debianlinux/linux_kernel< 6.19.10-1
CVEListV5linux/linux1da177e4c3f41524e886b7f1b8a0c1fc7321cac20b08be5aca212a99f8ba786fee4922feac08002c+6
debiandebian/linux< linux 6.19.10-1 (forky)

🔴Vulnerability Details

2
OSV
CVE-2026-23474: In the Linux kernel, the following vulnerability has been resolved: mtd: Avoid boot crash in RedBoot partition table parser Given CONFIG_FORTIFY_SOURC2026-04-03
GHSA
GHSA-hvxh-97j9-4hcx: In the Linux kernel, the following vulnerability has been resolved: mtd: Avoid boot crash in RedBoot partition table parser Given CONFIG_FORTIFY_SOU2026-04-03

📋Vendor Advisories

2
Red Hat
kernel: mtd: Avoid boot crash in RedBoot partition table parser2026-04-03
Debian
CVE-2026-23474: linux - In the Linux kernel, the following vulnerability has been resolved: mtd: Avoid ...2026

🕵️Threat Intelligence

1
Wiz
CVE-2026-23474 Impact, Exploitability, and Mitigation Steps | Wiz