CVE-2026-23043

None

No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A NULL pointer dereference issue exists in the do abort log replay() function within the Btrfs log replay component of the Linux kernel. The issue, identified by Coverity (CID 1666756), occurs when btrfs alloc path() fails during buffer replay, resulting in a NULL value for wc->subvol path. Subsequently, btrfs abort log replay() unconditionally dereferences this NULL pointer when attempting to print debug information. The fix involves adding a NULL check before dereferencing wc->subvol path within do abort log replay().

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2026-23043

Affected Products

Btrfs

Linux Kernel

CVE-2026-23043

Related Identifiers

Affected Products

References · 14