PT-2026-26102 · Linux · Linux Kernel
Jiaming Zhang
·
Published
2026-01-01
·
Updated
2026-06-01
·
CVE-2026-23252
CVSS v3.1
5.5
Medium
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
Linux kernel versions 6.6 through 6.14
Description
The Linux kernel contains an issue where the
xchk xfile * descr macros utilize kasprintf, which may fail to allocate memory if the resulting formatted string exceeds a certain length. This can occur because the formatted strings can exceed the memory allocation limits. The issue was identified through fuzzing with syzbot. The xchk xfile * descr macros are used for debugging purposes and are not essential for functionality.Recommendations
Versions 6.6 through 6.14 should be updated to a later version that addresses this issue.
Exploit
Fix
Buffer Overflow
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Linux Kernel