Linux · Linux Kernel · CVE-2026-23249
**Name of the Vulnerable Software and Affected Versions**
Linux kernel (affected versions not specified)
**Description**
The Linux kernel contains a flaw within the XFS file system related to the revalidation of two btrees during file system repair. Specifically, the issue arises when rebuilding both the free space and inode btrees concurrently. The first btree revalidation can nullify a cursor required by the second revalidation, leading to a null pointer dereference and a system crash. This occurs because the first call to `xchk allocbt()` nullifies the cursor needed by the second call. The issue affects the `xrep revalidate allocbt()` function, which is called through a chain including `xfs file ioctl()`, `xfs ioc scrubv metadata()`, and `xfs scrub metadata()`. The function `sc->ops->repair eval(sc)` is also involved. The vulnerability is triggered when the first btree revalidation fails on a cross-reference attempt, resulting in the deletion of the cursor used by the second btree. The same issue also affects the `xrep revalidate iallocbt` function.
**Recommendations**
At the moment, there is no information about a newer version that contains a fix for this vulnerability.