CVE-2026-23007

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A flaw exists in the Linux kernel related to the initialization of the auto-generated integrity buffer for writes. Specifically, when protection information is generated and the metadata size exceeds the PI tuple size, the remaining portion of the integrity buffer remains uninitialized. This could allow userspace or individuals with physical access to the storage device to read uninitialized memory.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.