PT-2026-29723 · Linux · Linux Kernel

Published: 2026-04-02 · Updated: 2026-04-03 · CVE-2026-23416

CVSS v2.0: 6.2 (Medium)

Vector: AV:L/AC:L/Au:S/C:N/I:C/A:C

Name of the Vulnerable Software and Affected Versions

Linux kernel (affected versions not specified)

Description

A flaw exists in the Linux kernel related to memory management (mm/mseal) where the end of a Virtual Memory Area (VMA) was not correctly updated during a merge operation. This occurred because the code stored the end of the current VMA in curr_end, and then updated curr_start to curr_end to move to the next VMA. However, if a VMA was modified by vma_modify_flags(), curr_end could become outdated, leading to an incorrect curr_start in the subsequent iteration. The issue was resolved by unconditionally setting curr_end to vma->vm_end to ensure it remained current. The fix also simplifies the logic by clamping curr_[start/end] to the input range and VMAs.

Recommendations

At the moment, there is no information about a newer version that contains a fix for this vulnerability.
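
A small user-space model of the stale-end loop from the description, added here as an example; it is not the kernel's code. The struct vma array, seal_and_merge(), seal_range(), run_demo() and the three-VMA layout are hypothetical, and the model assumes a flag change can merge a VMA with an adjacent, already-sealed successor.

```c
/* Added user-space model, not kernel code; ranges are assumed VMA-aligned. */
#include <stdbool.h>
#include <stdio.h>
struct vma { unsigned long start, end; bool sealed; };

/* Stand-in for a merging flag change: seal v[i], absorb a sealed successor. */
static void seal_and_merge(struct vma *v, int *n, int i)
{
    v[i].sealed = true;
    if (i + 1 < *n && v[i + 1].sealed && v[i + 1].start == v[i].end) {
        v[i].end = v[i + 1].end;            /* the VMA's end grows here */
        for (int j = i + 1; j + 1 < *n; j++)
            v[j] = v[j + 1];
        (*n)--;
    }
}

/* Returns how many iterations began with curr_start outside the current VMA. */
static int seal_range(struct vma *v, int n, unsigned long start,
                      unsigned long end, bool refresh_end)
{
    unsigned long curr_start = start;
    int bad = 0;
    for (int i = 0; i < n && v[i].start < end; i++) {
        if (v[i].end <= start) continue;    /* VMA lies before the range */
        unsigned long curr_end = v[i].end < end ? v[i].end : end;
        if (curr_start < v[i].start || curr_start >= v[i].end)
            bad++;
        if (!v[i].sealed)
            seal_and_merge(v, &n, i);
        if (refresh_end)                    /* re-read the end after any merge */
            curr_end = v[i].end < end ? v[i].end : end;
        curr_start = curr_end;
    }
    return bad;
}

/* Constructed layout: unsealed, sealed, unsealed; all adjacent. */
static int run_demo(bool refresh_end)
{
    struct vma v[] = { {0x1000, 0x2000, false}, {0x2000, 0x3000, true},
                       {0x3000, 0x4000, false} };
    return seal_range(v, 3, 0x1000, 0x4000, refresh_end);
}

int main(void)
{
    printf("stale: %d bad, refreshed: %d bad\n", run_demo(false), run_demo(true));
    return 0;
}
```

With the stale end, the last VMA is processed with curr_start at 0x2000, below its own start of 0x3000; re-reading the end after the merge removes the mismatch.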

Related Identifiers

BDU:2026-04968
CVE-2026-23416

Affected Products

Linux Kernel