CVE-2026-23195

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.19.0-rc7-next-20260129+ #11

Description An use-after-free (UAF) issue exists in the cgroup/dmem subsystem of the Linux kernel. The problem arises because a memory pool can be freed while still being referenced by callers, leading to a potential UAF condition. Specifically, the issue occurs when a pool is freed even if users still hold references to it before uncharge operations are completed. The fix involves adding a reference counter to each pool, ensuring it is only freed when the reference count reaches zero.

Recommendations Update to Linux kernel version 6.19.0-rc7-next-20260129+ #11 or a later version to address this vulnerability.