VDB
CVE-2026-23423
CVE-2026-23423
PUBLISHED
In the Linux kernel, the following vulnerability has been resolved: btrfs: free pages on error in btrfs_uring_read_extent() In this function the 'pages' object is never freed in the hopes that it is picked up by btrfs_uring_read_finished() whenever that executes in the future. But that's just the happy path. Along the way previous allocations might have gone wrong, or we might not get -EIOCBQUEUED from btrfs_encoded_read_regular_fill_pages(). In all these cases, we go to a cleanup section that frees all memory allocated by this function without assuming any deferred execution, and this also needs to happen for the 'pages' allocation.
EPSS 0.02% · 3.4th percentile
Risk Scores
EPSS Score
0.02%
3.4th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| linux | linux_kernel | 6.13, 6.13, 6.13 |
| Linux | Linux | 34310c442e175f286b4c06ab5caa4e0b267ea31c, 34310c442e175f286b4c06ab5caa4e0b267ea31c, 6.13 |
Timeline
- Apr 3, 2026 CVE Published
- Apr 3, 2026 Security Advisory
- Apr 23, 2026 CVE Updated
- May 18, 2026 EPSS Score
- May 19, 2026 EPSS Score
- May 20, 2026 EPSS Score
- May 21, 2026 EPSS Score
- May 22, 2026 EPSS Score
- May 23, 2026 EPSS Score
- May 24, 2026 EPSS Score
- May 25, 2026 EPSS Score
- May 26, 2026 EPSS Score