PT-2026-26047 · Linux · Linux Kernel

Published 2026-01-01 · Updated 2026-04-20 · CVE-2026-23244

CVSS v3.1: 7.1 High

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

Name of the Vulnerable Software and Affected Versions

Linux kernel versions prior to 6.19.0 #1

Description

The Linux kernel contains a flaw in the nvme_pr_read_keys() function related to memory allocation. A malicious or buggy userspace process can provide a large num_keys value, leading to an attempt to allocate up to 4MB of memory. This can cause a warning in the page allocator when the allocation exceeds the MAX_PAGE_ORDER limit. The issue occurs because nvme_pr_read_keys() uses the provided num_keys value to calculate the allocation size for rse via struct_size(), with an upper limit of PR_KEYS_MAX (64K). The fix involves using kvzalloc() instead of kzalloc().

Recommendations

Update to a version newer than 6.19.0 #1.

Exploit

Fix

Out of bounds Read

Weakness Enumeration

Related Identifiers

CVE-2026-23244

Affected Products

Linux Kernel