CVE-2026-23161

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A race condition exists in the shmem swap freeing helper within the Linux kernel. The issue arises from incorrectly handling the order of swap entries, specifically when retrieving the order before erasing the swap entry with xa cmpxchg irq. This can lead to outdated order values if the entry is split or modified concurrently. Additionally, the order could potentially exceed expected bounds, causing truncation to erase data beyond the intended border. The problem was observed during ZSWAP stress testing, resulting in swapoff hangs and kernel panics. The fix involves opening the code for the Xarray cmpxchg and placing order retrieval and value checking within the same critical section, along with ensuring the order does not exceed the end border.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.