AZL-77157

See a problem?

Import Source

https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-77157.json

JSON Data

https://api.test.osv.dev/v1/vulns/AZL-77157

Upstream

CVE-2026-23053

Published

2026-02-04T17:16:15Z

Modified

2026-04-01T05:23:05.302328Z

Summary

CVE-2026-23053 affecting package kernel 6.6.126.1-1

Details

In the Linux kernel, the following vulnerability has been resolved:

NFS: Fix a deadlock involving nfsreleasefolio()

Wang Zhaolong reports a deadlock involving NFSv4.1 state recovery waiting on kthreadd, which is attempting to reclaim memory by calling nfsreleasefolio(). The latter cannot make progress due to state recovery being needed.

It seems that the only safe thing to do here is to kick off a writeback of the folio, without waiting for completion, or else kicking off an asynchronous commit.

References

https://nvd.nist.gov/vuln/detail/CVE-2026-23053

Affected packages

Azure Linux:3 / kernel

Package

Name: kernel
Purl: pkg:rpm/azure-linux/kernel

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Last affected

6.6.126.1-1

Database specific

source

"https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-77157.json"