PT-2026-27720 · Linux · Linux Kernel

Published 2026-01-01 · Updated 2026-03-25 · CVE-2026-23355

CVSS v3.1: 5.5 Medium

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions

Linux kernel (affected versions not specified)

Description

The Linux kernel contains a flaw in the libata subsystem related to the handling of deferred queued commands (QCs). The code does not cancel pending work after clearing a deferred QC, which can lead to incorrect command execution when a port is reset and new commands are queued. This can occur when non-NCQ commands are queued alongside NCQ commands and a timeout or error clears the deferred QC before the associated work has completed. The work intended for an earlier non-NCQ command might then be executed in the context of a later non-NCQ command, causing unexpected behavior. The vulnerability was identified through Syzbot reporting a WARN_ON() in the ata_scsi_deferred_qc_work() function. The function ata_scsi_schedule_deferred_qc() is involved in scheduling the deferred QC. The vulnerable operation involves checking the return value of ap->ops->qc_defer() before issuing the deferred QC.
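
The stale-work pattern described above, as an added example that is not kernel code and not part of the original advisory. It is a user-space C model in which every struct, field and function name is a hypothetical stand-in for libata's port state and work item, and the cancel_work flag models the missing cancellation.

```c
#include <stdbool.h>
#include <stdio.h>

/* User-space model only: all names here are hypothetical, not libata's. */
struct cmd { int tag; };
struct port {
    struct cmd *deferred;  /* command waiting to be issued later */
    bool work_pending;     /* a deferred-issue work item is queued */
    int scheduled_for;     /* tag the queued work item was meant for */
    int stale_runs;        /* times work ran against a different command */
};

static void defer_and_schedule(struct port *p, struct cmd *c) {
    p->deferred = c;
    p->work_pending = true;
    p->scheduled_for = c->tag;
}

/* Timeout/error path: drop the deferred command, optionally cancel its work. */
static void clear_deferred(struct port *p, bool cancel_work) {
    p->deferred = NULL;
    if (cancel_work)
        p->work_pending = false;
}

static void run_work(struct port *p) {
    bool pending = p->work_pending;
    p->work_pending = false;
    if (!pending || !p->deferred)
        return;
    if (p->deferred->tag != p->scheduled_for)
        p->stale_runs++;               /* the condition a WARN_ON() would flag */
    p->deferred = NULL;                /* command is handed to the device here */
}

static int scenario(bool cancel_work) {
    struct port p = { 0 };
    struct cmd first = { 1 }, second = { 2 };
    defer_and_schedule(&p, &first);
    clear_deferred(&p, cancel_work);   /* error clears the first command */
    p.deferred = &second;              /* later command deferred after reset */
    run_work(&p);                      /* work item queued for `first` fires */
    return p.stale_runs;               /* stale work that touched `second` */
}

int main(void) {
    printf("stale runs: %d (no cancel), %d (cancel)\n", scenario(false), scenario(true));
    return 0;
}
```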

Recommendations

At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Related Identifiers

CVE-2026-23355

Affected Products

Linux Kernel