CVE-2026-23234

Name of the Vulnerable Software and Affected Versions Linux Kernel (affected versions not specified)

Description The Linux kernel contains a use-after-free issue in the f2fs write end io() function. This issue occurs due to a race condition where memory associated with the superblock (sbi) is freed while still being accessed during writeback operations. The vulnerability was identified through syzbot testing. The race condition involves a loop device, worker thread, and the kill f2fs super() function, which can lead to accessing freed memory. The issue is resolved by relocating the checkpoint thread wakeup flow before folio end writeback().

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.