UAF Vulnerability in Linux Kernel Affecting EROFS Product by Linux Foundation
CVE-2026-23224

Currently unrated

Key Information:

Vendor

Linux
Status
Linux
Vendor
CVE Published:
18 February 2026

What is CVE-2026-23224?

A vulnerability in the Linux kernel's EROFS file system can lead to a Use After Free (UAF) condition when using file-backed mounts with the directio option. This issue arises due to a race condition in the management of reference counts within the erofs_fileio_rq structure. When this occurs, access to a potentially freed memory space can happen, leading to system instability or crashes. A patch has been introduced that utilizes reference counting to manage the lifecycle of requests more effectively, preventing premature memory deallocation and protecting the integrity of file operations.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Linux fb176750266a3d7f42ebdcf28e8ba40350b27847

Linux fb176750266a3d7f42ebdcf28e8ba40350b27847

Linux fb176750266a3d7f42ebdcf28e8ba40350b27847

References

https://git.kernel.org/stable/c/ae385826840a3c8e09bf38cac...
https://git.kernel.org/stable/c/d741534302f71c511eb0bb670...
https://git.kernel.org/stable/c/b2ee5e4d5446babd23ff7beb4...

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.