CVE-2026-23194

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A flaw exists in the Linux kernel's rust binder component related to handling FDA (fd array) objects. Specifically, the issue arises when processing empty FDA objects with a length of zero, leading to a potential out-of-bounds write error. The previous implementation incorrectly interpreted a skip length of zero, resulting in an attempt to write beyond the allocated buffer when the FDA was located at the end of the buffer. This condition triggered an EINVAL error in userspace. The root cause was identified by Gemini CLI.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.