PT-2026-8201 · Linux+3 · Linux Kernel+3

Published

2026-01-01

·

Updated

2026-06-16

·

CVE-2026-23193

CVSS v3.1

8.8

High

VectorAV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions Linux Kernel (affected versions not specified)
Description A use-after-free issue exists in the iscsit dec session usage count() function within the SCSI target iSCSI component of the Linux kernel. The function calls complete() while holding the session usage lock. This can lead to a race condition where a thread may attempt to execute spin unlock bh() on a session structure that has already been deallocated, resulting in a slab-use-after-free error. The issue occurs because the waiter signaled by complete() may wake up and free the iscsit session structure immediately before the current thread finishes dereferencing it.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

DoS

Use After Free

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-416

Related Identifiers

ALSA-2026:6153
ALSA-2026:6571
ALSA-2026:6572
ALSA-2026:6632
CVE-2026-23193
ECHO-2843-4A5D-3A2D
OESA-2026-1566
OESA-2026-1567
OESA-2026-1570
OPENSUSE-SU-2026:20572-1
RHSA-2026:10108
RHSA-2026:10756
RHSA-2026:13664
RHSA-2026:13681
RHSA-2026:13734
RHSA-2026:13936
RHSA-2026:14137
RHSA-2026:14165
RHSA-2026:14301
RHSA-2026:6153
RHSA-2026:6571
RHSA-2026:6572
RHSA-2026:6632
RHSA-2026:9095
RHSA-2026:9112
RHSA-2026:9870
SUSE-SU-2026:1573-1
SUSE-SU-2026:1661-1
SUSE-SU-2026:2068-1
SUSE-SU-2026:21114-1
SUSE-SU-2026:21123-1
SUSE-SU-2026:21237-1
SUSE-SU-2026:21255-1
SUSE-SU-2026:21352-1
SUSE-SU-2026:21361-1
USN-8278-1
USN-8278-2
USN-8289-1
USN-8289-2
USN-8296-1
USN-8296-2
USN-8393-1
USN-8440-1

Affected Products

Linux Kernel
Linuxmint
Rocky Linux
Ubuntu