{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-23053", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2026-01-13T15:37:45.950Z", "datePublished": "2026-02-04T16:04:22.574Z", "dateUpdated": "2026-05-11T21:59:05.561Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2026-05-11T21:59:05.561Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nNFS: Fix a deadlock involving nfs_release_folio()\n\nWang Zhaolong reports a deadlock involving NFSv4.1 state recovery\nwaiting on kthreadd, which is attempting to reclaim memory by calling\nnfs_release_folio(). The latter cannot make progress due to state\nrecovery being needed.\n\nIt seems that the only safe thing to do here is to kick off a writeback\nof the folio, without waiting for completion, or else kicking off an\nasynchronous commit."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["fs/nfs/file.c", "fs/nfs/nfstrace.h", "fs/nfs/write.c", "include/linux/nfs_fs.h"], "versions": [{"version": "96780ca55e3cbf4f150fd5a833a61492c9947b5b", "lessThan": "a4810f8beb0122f032f10735f98d257aa6064f4c", "status": "affected", "versionType": "git"}, {"version": "96780ca55e3cbf4f150fd5a833a61492c9947b5b", "lessThan": "49d352bc263fe4a834233338bfaad31b3109addf", "status": "affected", "versionType": "git"}, {"version": "96780ca55e3cbf4f150fd5a833a61492c9947b5b", "lessThan": "19b4d9ab5e77843eac0429c019470c02f8710b55", "status": "affected", "versionType": "git"}, {"version": "96780ca55e3cbf4f150fd5a833a61492c9947b5b", "lessThan": "cce0be6eb4971456b703aaeafd571650d314bcca", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["fs/nfs/file.c", "fs/nfs/nfstrace.h", "fs/nfs/write.c", "include/linux/nfs_fs.h"], "versions": [{"version": "6.3", "status": "affected"}, {"version": "0", "lessThan": "6.3", "status": "unaffected", "versionType": "semver"}, {"version": "6.6.130", "lessThanOrEqual": "6.6.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.12.67", "lessThanOrEqual": "6.12.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.18.7", "lessThanOrEqual": "6.18.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.19", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.3", "versionEndExcluding": "6.6.130"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.3", "versionEndExcluding": "6.12.67"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.3", "versionEndExcluding": "6.18.7"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.3", "versionEndExcluding": "6.19"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/a4810f8beb0122f032f10735f98d257aa6064f4c"}, {"url": "https://git.kernel.org/stable/c/49d352bc263fe4a834233338bfaad31b3109addf"}, {"url": "https://git.kernel.org/stable/c/19b4d9ab5e77843eac0429c019470c02f8710b55"}, {"url": "https://git.kernel.org/stable/c/cce0be6eb4971456b703aaeafd571650d314bcca"}], "title": "NFS: Fix a deadlock involving nfs_release_folio()", "x_generator": {"engine": "bippy-1.2.0"}}}}

{}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nNFS: Fix a deadlock involving nfs_release_folio()\n\nWang Zhaolong reports a deadlock involving NFSv4.1 state recovery\nwaiting on kthreadd, which is attempting to reclaim memory by calling\nnfs_release_folio(). The latter cannot make progress due to state\nrecovery being needed.\n\nIt seems that the only safe thing to do here is to kick off a writeback\nof the folio, without waiting for completion, or else kicking off an\nasynchronous commit."}, {"lang": "es", "value": "En el kernel de Linux, la siguiente vulnerabilidad ha sido resuelta:\n\nNFS: Correcci\u00f3n de un interbloqueo que involucra a nfs_release_folio()\n\nWang Zhaolong informa de un interbloqueo que involucra la recuperaci\u00f3n de estado de NFSv4.1 esperando en kthreadd, que est\u00e1 intentando reclamar memoria llamando a nfs_release_folio(). Este \u00faltimo no puede avanzar debido a que se necesita la recuperaci\u00f3n de estado.\n\nParece que lo \u00fanico seguro que se puede hacer aqu\u00ed es iniciar una escritura diferida del folio, sin esperar a que se complete, o bien iniciar una confirmaci\u00f3n as\u00edncrona."}], "id": "CVE-2026-23053", "lastModified": "2026-04-15T00:35:42.020", "metrics": {}, "published": "2026-02-04T17:16:15.970", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/19b4d9ab5e77843eac0429c019470c02f8710b55"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/49d352bc263fe4a834233338bfaad31b3109addf"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/a4810f8beb0122f032f10735f98d257aa6064f4c"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/cce0be6eb4971456b703aaeafd571650d314bcca"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Deferred"}

{"bugzilla": {"description": "kernel: NFS: Fix a deadlock involving nfs_release_folio()", "id": "2436778", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2436778"}, "csaw": false, "cvss3": {"cvss3_base_score": "7.0", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "status": "draft"}, "details": ["No description is available for this CVE."], "name": "CVE-2026-23053", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2026-02-04T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2026-23053\nhttps://nvd.nist.gov/vuln/detail/CVE-2026-23053\nhttps://lore.kernel.org/linux-cve-announce/2026020451-CVE-2026-23053-f630@gregkh/T"], "threat_severity": "Moderate"}

{"analysis": {"en": {"generated_at": "2026-04-16T06:59:52.310579+00:00", "value": {"mitigation_remediation": ["Upgrade the Linux kernel to a version that includes the fix for CVE-2026-23053. The patch is available in the upstream kernel repository as referenced in the provided links, so install the latest stable release.", "If immediate kernel upgrade is not feasible, consider temporarily disabling NFSv4.1 state recovery on the server or limiting NFS client mounts to NFSv3 until a patch is applied.", "Monitor the server for signs of NFS stalls or kernel timeouts and apply any vendor-released updates as soon as they become available."], "summary": {"action": "Apply Patch", "impact": "Denial of Service (Kernel Deadlock)"}, "threat_synthesis": {"affected_systems": "The vulnerability is present in the Linux kernel NFS subsystem across all distributions that ship the unpatched kernel code. Any Linux installation using the affected kernel is potentially impacted.", "description_and_impact": "The Linux kernel contains a deadlock bug in the NFSv4.1 state recovery path involving nfs_release_folio(). During state recovery, the kernel attempts to reclaim memory by calling nfs_release_folio(), but this call stalls because the state recovery process is also waiting to be completed. The resulting lock cycle can cause the kernel to freeze or the NFS service to become unresponsive, leading to a denial of service for clients depending on the affected server.", "risk_and_exploitability": "The severity score of 7.0 indicates a moderate to high risk to availability. The EPSS score is less than 1 percent, suggesting that the likelihood of active exploitation is low at the present time. The vulnerability is not listed in the CISA KEV catalog. An attacker would need to trigger the NFS state recovery mechanism, which typically requires an NFS client interacting with a server that performs NFSv4.1 state recovery. Because the bug resides in kernel code, exploitation would require either local privilege escalation to the server or an exploitation vector that can provoke the deadlock."}}}}, "created": "2026-04-16T07:00:11.011716+00:00", "updated": "2026-04-16T07:00:11.011727+00:00", "vendors": [], "weaknesses": ["CWE-873"]}