PT-2026-26099 · Linux+1 · Linux Kernel+1

Jiaming Zhang · Published 2026-01-01 · Updated 2026-05-21 · CVE-2026-23249

CVSS v3.1: 5.5 (Medium)

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions

Linux kernel (affected versions not specified)

Description

The Linux kernel contains a flaw within the XFS file system related to the revalidation of two btrees during file system repair. Specifically, the issue arises when rebuilding both the free space and inode btrees concurrently. The first btree revalidation can nullify a cursor required by the second revalidation, leading to a null pointer dereference and a system crash. This occurs because the first call to xchk_allocbt() nullifies the cursor needed by the second call. The issue affects the xrep_revalidate_allocbt() function, which is called through a chain including xfs_file_ioctl(), xfs_ioc_scrubv_metadata(), and xfs_scrub_metadata(). The function sc->ops->repair_eval(sc) is also involved. The vulnerability is triggered when the first btree revalidation fails on a cross-reference attempt, resulting in the deletion of the cursor used by the second btree. The same issue also affects the xrep_revalidate_iallocbt() function.
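
The pattern described above, as an added user-space model (not kernel code and not the upstream fix): two checks share one context, and a failed cross-reference in the first drops the cursor the second needs. All struct and function names are hypothetical, the inputs are constructed, and the guarded variant shows one assumed shape of a mitigation.

```c
#include <stdbool.h>
#include <stdio.h>

/* User-space model; every name is a hypothetical stand-in, not kernel code. */
struct cursor { int nrecs; };
struct scrub_ctx {
    struct cursor *cur_a;  /* cursor for the first rebuilt btree */
    struct cursor *cur_b;  /* cursor for the second rebuilt btree */
    bool xref_fails;       /* constructed input: cross-reference fails */
};
enum result { CHECK_OK, CHECK_SKIPPED, WOULD_DEREF_NULL };

/* Check one btree. A failed cross-reference drops every cursor in the
 * context: the side effect attributed to the first revalidation. */
static enum result check_btree(struct scrub_ctx *sc, struct cursor **cur)
{
    if (*cur == NULL)
        return WOULD_DEREF_NULL;  /* model reports it; a kernel would crash */
    (void)(*cur)->nrecs;          /* stands in for walking the btree */
    if (sc->xref_fails)
        sc->cur_a = sc->cur_b = NULL;
    return CHECK_OK;
}

/* Unguarded: the second check runs whatever the first one did. */
static enum result revalidate_unguarded(struct scrub_ctx *sc)
{
    check_btree(sc, &sc->cur_a);
    return check_btree(sc, &sc->cur_b);
}

/* Guarded: confirm the second cursor survived before using it. */
static enum result revalidate_guarded(struct scrub_ctx *sc)
{
    check_btree(sc, &sc->cur_a);
    return sc->cur_b ? check_btree(sc, &sc->cur_b) : CHECK_SKIPPED;
}

/* Run one variant over freshly constructed cursors. */
static enum result run(bool guarded, bool xref_fails)
{
    struct cursor a = { 3 }, b = { 5 };
    struct scrub_ctx sc = { &a, &b, xref_fails };
    return guarded ? revalidate_guarded(&sc) : revalidate_unguarded(&sc);
}

int main(void)
{
    printf("%d %d\n", run(false, true), run(true, true));
    return 0;
}
```
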

Recommendations

At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Weakness Enumeration

NULL Pointer Dereference

Related Identifiers

BDU:2026-03582
CVE-2026-23249

Affected Products

Linux Kernel
Xfs