CVE-2026-23110

CVSS v3.1

4.7

Medium

Vector

AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Linux Kernel (affected versions not specified)

Description A race condition exists within the SCSI layer of the Linux kernel that can prevent the error handler from being woken up, leading to stuck I/O operations. This occurs due to memory ordering issues in scsi dec host busy() and scsi eh inc host failed(). Specifically, the write operation clearing SCMD STATE INFLIGHT can be reordered with reads counting in scsi host busy(), potentially causing other CPUs to observe an incorrect busy count. Additionally, counting busy commands before incrementing host failed can race with a final command in scsi dec host busy(), preventing the error handler task from being woken up.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Race Condition

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-362

Related Identifiers

CVE-2026-23110

ECHO-A0DC-8697-74CD

OESA-2026-1566

OESA-2026-1567

OESA-2026-1570

OPENSUSE-SU-2026:20416-1

SUSE-SU-2026:0962-1

SUSE-SU-2026:1081-1

SUSE-SU-2026:20667-1

SUSE-SU-2026:20720-1

SUSE-SU-2026:20838-1

SUSE-SU-2026:20845-1

SUSE-SU-2026:20876-1

SUSE-SU-2026:20931-1

SUSE-SU-2026:21284-1

USN-8278-1

USN-8289-1

USN-8296-1

Affected Products

Linux Kernel

Ubuntu

CVE-2026-23110

Weakness Enumeration

Related Identifiers

Affected Products

References · 1857