{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-23123", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2026-01-13T15:37:45.970Z", "datePublished": "2026-02-14T15:09:53.369Z", "dateUpdated": "2026-05-11T22:00:34.413Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2026-05-11T22:00:34.413Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ninterconnect: debugfs: initialize src_node and dst_node to empty strings\n\nThe debugfs_create_str() API assumes that the string pointer is either NULL\nor points to valid kmalloc() memory. Leaving the pointer uninitialized can\ncause problems.\n\nInitialize src_node and dst_node to empty strings before creating the\ndebugfs entries to guarantee that reads and writes are safe."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/interconnect/debugfs-client.c"], "versions": [{"version": "770c69f037c18cfaa37c3d6c6ef8bd257635513f", "lessThan": "aa79a5a959c7c414bd6fba01ea8dbaddd44f13e7", "status": "affected", "versionType": "git"}, {"version": "770c69f037c18cfaa37c3d6c6ef8bd257635513f", "lessThan": "935d0938b570589c8b0a1733d2cba3c39d027f25", "status": "affected", "versionType": "git"}, {"version": "770c69f037c18cfaa37c3d6c6ef8bd257635513f", "lessThan": "5d7c7e1fb3ec24fdd0f9faa27b666d6789e891e8", "status": "affected", "versionType": "git"}, {"version": "770c69f037c18cfaa37c3d6c6ef8bd257635513f", "lessThan": "8cc27f5c6dd17dd090f3a696683f04336c162ff5", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/interconnect/debugfs-client.c"], "versions": [{"version": "6.6", "status": "affected"}, {"version": "0", "lessThan": "6.6", "status": "unaffected", "versionType": "semver"}, {"version": "6.6.122", "lessThanOrEqual": "6.6.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.12.68", "lessThanOrEqual": "6.12.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.18.8", "lessThanOrEqual": "6.18.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.19", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.6", "versionEndExcluding": "6.6.122"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.6", "versionEndExcluding": "6.12.68"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.6", "versionEndExcluding": "6.18.8"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.6", "versionEndExcluding": "6.19"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/aa79a5a959c7c414bd6fba01ea8dbaddd44f13e7"}, {"url": "https://git.kernel.org/stable/c/935d0938b570589c8b0a1733d2cba3c39d027f25"}, {"url": "https://git.kernel.org/stable/c/5d7c7e1fb3ec24fdd0f9faa27b666d6789e891e8"}, {"url": "https://git.kernel.org/stable/c/8cc27f5c6dd17dd090f3a696683f04336c162ff5"}], "title": "interconnect: debugfs: initialize src_node and dst_node to empty strings", "x_generator": {"engine": "bippy-1.2.0"}}}}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "5BC7DC6F-F752-49B5-82B2-A8F4BF9C3EAC", "versionEndExcluding": "6.6.122", "versionStartIncluding": "6.6", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "52F38E19-0FDD-4992-9D6D-D4169D689598", "versionEndExcluding": "6.12.68", "versionStartIncluding": "6.7", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "E65C6E79-7EBE-4C77-93F0-818CF5B38F4E", "versionEndExcluding": "6.18.8", "versionStartIncluding": "6.13", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.19:rc1:*:*:*:*:*:*", "matchCriteriaId": "17B67AA7-40D6-4AFA-8459-F200F3D7CFD1", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.19:rc2:*:*:*:*:*:*", "matchCriteriaId": "C47E4CC9-C826-4FA9-B014-7FE3D9B318B2", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.19:rc3:*:*:*:*:*:*", "matchCriteriaId": "F71D92C0-C023-48BD-B3B6-70B638EEE298", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.19:rc4:*:*:*:*:*:*", "matchCriteriaId": "13580667-0A98-40CC-B29F-D12790B91BDB", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.19:rc5:*:*:*:*:*:*", "matchCriteriaId": "CAD1FED7-CF48-47BF-AC7D-7B6FA3C065FC", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.19:rc6:*:*:*:*:*:*", "matchCriteriaId": "3EF854A1-ABB1-4E93-BE9A-44569EC76C0D", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ninterconnect: debugfs: initialize src_node and dst_node to empty strings\n\nThe debugfs_create_str() API assumes that the string pointer is either NULL\nor points to valid kmalloc() memory. Leaving the pointer uninitialized can\ncause problems.\n\nInitialize src_node and dst_node to empty strings before creating the\ndebugfs entries to guarantee that reads and writes are safe."}, {"lang": "es", "value": "En el kernel de Linux, la siguiente vulnerabilidad se ha resuelto:\n\ninterconnect: debugfs: inicializar src_node y dst_node a cadenas vac\u00edas\n\nLa API debugfs_create_str() asume que el puntero de cadena es NULL o apunta a memoria kmalloc() v\u00e1lida. Dejar el puntero sin inicializar puede causar problemas.\n\nInicializar src_node y dst_node a cadenas vac\u00edas antes de crear las entradas debugfs para garantizar que las lecturas y escrituras sean seguras."}], "id": "CVE-2026-23123", "lastModified": "2026-03-18T14:50:40.470", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2026-02-14T15:16:07.500", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/5d7c7e1fb3ec24fdd0f9faa27b666d6789e891e8"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/8cc27f5c6dd17dd090f3a696683f04336c162ff5"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/935d0938b570589c8b0a1733d2cba3c39d027f25"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/aa79a5a959c7c414bd6fba01ea8dbaddd44f13e7"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-908"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"bugzilla": {"description": "kernel: interconnect: debugfs: initialize src_node and dst_node to empty strings", "id": "2439845", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2439845"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.5", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "status": "draft"}, "details": ["No description is available for this CVE."], "name": "CVE-2026-23123", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Fix deferred", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2026-02-14T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2026-23123\nhttps://nvd.nist.gov/vuln/detail/CVE-2026-23123\nhttps://lore.kernel.org/linux-cve-announce/2026021408-CVE-2026-23123-9ee2@gregkh/T"], "threat_severity": "Moderate"}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "[770c69f037c18cfaa37c3d6c6ef8bd257635513f,aa79a5a959c7c414bd6fba01ea8dbaddd44f13e7)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "[770c69f037c18cfaa37c3d6c6ef8bd257635513f,935d0938b570589c8b0a1733d2cba3c39d027f25)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "[770c69f037c18cfaa37c3d6c6ef8bd257635513f,5d7c7e1fb3ec24fdd0f9faa27b666d6789e891e8)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "[770c69f037c18cfaa37c3d6c6ef8bd257635513f,8cc27f5c6dd17dd090f3a696683f04336c162ff5)"}}], "product": "linux_kernel", "vendor": "linux"}, {"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "6.6"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "semver", "value": "[0,6.6)"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "semver", "value": "[6.6.122,6.7.0)"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "semver", "value": "[6.12.68,6.13.0)"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "semver", "value": "[6.18.8,6.19.0)"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "semver", "value": "[6.19,*]"}}], "product": "linux_kernel", "vendor": "linux"}], "analysis": {"en": {"generated_at": "2026-04-18T18:06:08.156321+00:00", "value": {"mitigation_remediation": ["Apply the kernel patch that initializes src_node and dst_node strings before debugfs entries are created", "Upgrade to kernel 6.19\u2011rc7 or later, which contains the fix", "If an upgrade is not possible, disable debugfs by setting CONFIG_DEBUG_FS=n or unmounting the debugfs mount point to prevent exposure of the vulnerable API"], "summary": {"action": "Immediate Patch", "impact": "Kernel crash and denial of service"}, "threat_synthesis": {"affected_systems": "Linux kernel 6.19 release candidates rc1 through rc6 are affected. All distributions shipping these kernels are at risk unless the patch has been applied.", "description_and_impact": "The Linux kernel\u2019s debugfs_create_str() routine expects a valid pointer or NULL for the string it creates. In this vulnerability the src_node and dst_node strings were left uninitialized before the debugfs entries were created, causing the routine to operate on undefined memory. This can lead to an invalid memory access in the kernel, resulting in a crash or data corruption. The impact is limited to systems running the affected kernel with debugfs enabled and would typically require local system access. The weakness is listed as CWE\u2011908, a buffer or string misuse issue.", "risk_and_exploitability": "The CVSS score of 5.5 indicates moderate severity. The EPSS score is below 1%, implying low exploitation likelihood. It is not listed in CISA\u2019s KEV catalog. The likely attack vector is local; an attacker would need to trigger the creation of the vulnerable debugfs entries, which requires kernel context. Exploitation would most likely result in a kernel crash or data corruption rather than arbitrary code execution."}}}}, "created": "2026-02-16T12:01:42.603811+00:00", "updated": "2026-04-18T18:15:06.580939+00:00", "vendors": ["linux", "linux$PRODUCT$linux_kernel"]}