CVE-2026-23123
- Source
- https://cve.org/CVERecord?id=CVE-2026-23123
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2026-23123.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2026-23123
- Downstream
- Related
- Published
- 2026-02-14T15:09:53.369Z
- Modified
- 2026-04-02T17:30:25.696815404Z
- Summary
- interconnect: debugfs: initialize src_node and dst_node to empty strings
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
interconnect: debugfs: initialize srcnode and dstnode to empty strings
The debugfscreatestr() API assumes that the string pointer is either NULL or points to valid kmalloc() memory. Leaving the pointer uninitialized can cause problems.
Initialize srcnode and dstnode to empty strings before creating the debugfs entries to guarantee that reads and writes are safe.
- Database specific
{ "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/23xxx/CVE-2026-23123.json", "cna_assigner": "Linux" }- References
-
- https://git.kernel.org/stable/c/5d7c7e1fb3ec24fdd0f9faa27b666d6789e891e8
- https://git.kernel.org/stable/c/8cc27f5c6dd17dd090f3a696683f04336c162ff5
- https://git.kernel.org/stable/c/935d0938b570589c8b0a1733d2cba3c39d027f25
- https://git.kernel.org/stable/c/aa79a5a959c7c414bd6fba01ea8dbaddd44f13e7
- https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/23xxx/CVE-2026-23123.json
- https://nvd.nist.gov/vuln/detail/CVE-2026-23123
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced770c69f037c18cfaa37c3d6c6ef8bd257635513fFixedaa79a5a959c7c414bd6fba01ea8dbaddd44f13e7Fixed935d0938b570589c8b0a1733d2cba3c39d027f25Fixed5d7c7e1fb3ec24fdd0f9faa27b666d6789e891e8Fixed8cc27f5c6dd17dd090f3a696683f04336c162ff5