PT-2026-26103 · Linux · Linux Kernel

Published 2026-01-01 · Updated 2026-06-01 · CVE-2026-23253

CVSS v3.1: 7.8 High

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Linux kernel (affected versions not specified)

Description

A flaw exists in the Linux kernel's dvb-core component related to the reinitialization of a ring buffer when a device is reopened. The dvb_dvr_open() function incorrectly calls dvb_ringbuffer_init(), which reinitializes the waitqueue list head, potentially leading to orphaned waitqueue entries from io_uring poll or epoll with stale pointers. This occurs because the waitqueue is shared across multiple opens of the same DVR device. The issue arises from unnecessary reinitialization of the waitqueue and spinlock, which are already properly initialized during the initial device setup. The fix involves replacing the call to dvb_ringbuffer_init() with direct assignment of data and size, along with a call to dvb_ringbuffer_reset(), ensuring correct memory ordering without affecting the waitqueue or spinlock.

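
A user-space C model of the reopen behaviour described above, added here as an illustration; it is not kernel source or the project's patch. The model_*, reopen_* and waiter_orphaned_after names are hypothetical, and the spinlock and memory-ordering aspects of the fix are not modelled.

```c
/* User-space model, constructed for illustration; not kernel source. */
#include <stddef.h>

struct list_head { struct list_head *next, *prev; };
static void list_init(struct list_head *h) { h->next = h->prev = h; }
static void list_add(struct list_head *n, struct list_head *h) {
    n->next = h->next; n->prev = h;
    h->next->prev = n; h->next = n;
}
static int list_empty(const struct list_head *h) { return h->next == h; }

/* Simplified stand-in for the DVR ring buffer: data, size, read/write
 * positions, and the waitqueue head shared by every open of the device. */
struct model_ringbuffer {
    unsigned char *data;
    size_t size, pread, pwrite;
    struct list_head queue;
};

/* Full init, as done once at device setup: also re-inits the waitqueue head. */
static void model_rb_init(struct model_ringbuffer *rb, void *data, size_t len) {
    rb->data = data; rb->size = len; rb->pread = rb->pwrite = 0;
    list_init(&rb->queue);
}
/* Reset only touches the read/write positions. */
static void model_rb_reset(struct model_ringbuffer *rb) { rb->pread = rb->pwrite = 0; }

/* Reopen on the flawed path: full init on a buffer that may have waiters. */
static void reopen_flawed(struct model_ringbuffer *rb, void *data, size_t len) {
    model_rb_init(rb, data, len);
}
/* Reopen as the fix is described: assign data and size, then reset. */
static void reopen_fixed(struct model_ringbuffer *rb, void *data, size_t len) {
    rb->data = data; rb->size = len;
    model_rb_reset(rb);
}

/* Returns 1 if a waiter registered before the reopen is orphaned: the head
 * no longer reaches it, yet the waiter still points back at the head. */
static int waiter_orphaned_after(int use_fixed) {
    static unsigned char buf1[64], buf2[64];
    struct model_ringbuffer rb;
    struct list_head waiter;                /* models a poll/epoll wait entry */
    model_rb_init(&rb, buf1, sizeof buf1);  /* device setup */
    list_add(&waiter, &rb.queue);           /* first open starts polling */
    if (use_fixed) reopen_fixed(&rb, buf2, sizeof buf2);
    else           reopen_flawed(&rb, buf2, sizeof buf2);
    return list_empty(&rb.queue) && waiter.next == &rb.queue;
}
```

In the flawed path the head reports an empty queue while the waiter entry still links to it, which is the orphaned state the description refers to; the fixed path leaves the entry reachable from the head.
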
Recommendations

At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Related Identifiers

BDU:2026-04167
CVE-2026-23253
ECHO-F41C-F825-670B
OESA-2026-1950
OESA-2026-2417
OESA-2026-2418
OPENSUSE-SU-2026:20826-1
SUSE-SU-2026:21841-1
SUSE-SU-2026:21845-1
SUSE-SU-2026:21860-1

Affected Products

Linux Kernel