CVE-2026-23145


📋 TL;DR

This CVE describes a memory leak in the Linux kernel's ext4 filesystem driver. While handling extended attributes (xattrs) on inodes, an error path takes a reference on a buffer head and never drops it. A buffer head whose reference count never returns to zero cannot be freed, and neither can the page it belongs to, so repeatedly hitting that error path consumes kernel memory until the system is starved. Any Linux system with an ext4 filesystem is potentially affected.

💻 Affected Systems

Products:
  • Linux kernel
Versions: The CVE entry gives no affected version range. The referenced commit is a stable-kernel backport, which indicates the bug was present in released kernels and fixed through the stable trees.
Operating Systems: All Linux distributions using ext4 filesystem
Default Config Vulnerable: ⚠️ Yes
Notes: Only systems with mounted ext4 filesystems are affected. Extended-attribute support is built into ext4 unconditionally in current kernels and is exercised routinely by SELinux labels, file capabilities and POSIX ACLs, so the vulnerable code path is reachable on an ordinary installation, not only where user xattrs are deliberately used.

⚠️ Manual Verification Required

This CVE does not carry specific version information in our database, so automatic vulnerability detection cannot determine whether your system is affected.

Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).


Recommended Actions:
  1. Review the CVE details at NVD
  2. Check vendor security advisories for your specific version
  3. Test if the vulnerability is exploitable in your environment
  4. Consider updating to the latest version as a precaution

⚠️ Risk & Real-World Impact

🔴

Worst Case

Sustained exploitation could lead to kernel memory exhaustion, causing system instability, denial of service, or potential kernel crashes.

🟠

Likely Case

Gradual memory leak over time leading to performance degradation and eventual system instability requiring reboot.

🟢

If Mitigated

Minimal impact when kernel memory growth is monitored, the triggering workload is contained, and affected hosts can be remounted or rebooted on schedule.

🌐 Internet-Facing: LOW - Requires local filesystem access and specific error conditions to trigger.
🏢 Internal Only: MEDIUM - Local users or processes with filesystem access could potentially trigger the leak.

🎯 Exploit Status

Public PoC: No
Weaponized: UNKNOWN
Unauthenticated Exploit: No
Complexity: MEDIUM

Requires local access and the ability to drive ext4 xattr operations into the specific error condition in which the buffer head reference is dropped on the floor; the leak is cumulative, so an attacker needs to trigger it repeatedly to exhaust memory.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Apply kernel patches from provided git references

Vendor Advisory: https://git.kernel.org/stable/c/06e26287f2e349a28ad363941ffd9076bfed8b2e

Restart Required: Yes

Instructions:

1. Update the Linux kernel to a version containing the fix.
2. Check distribution-specific security advisories.
3. Reboot the system after the kernel update.

🔧 Temporary Workarounds

Disable user extended attributes and ACLs

Applies to: all

Mount ext4 filesystems with the 'nouser_xattr' and 'noacl' options. These are the ext4 mount options that turn off user-namespace xattrs and POSIX ACLs; there is no 'noattr' option. This only narrows the attack surface: the kernel itself still reads and writes security.* and trusted.* xattrs (SELinux labels, file capabilities, IMA), so the ext4 xattr code path remains reachable and the workaround is not a substitute for the patch. Removing user_xattr may also break software that relies on it (for example Samba with xattr-backed DOS attributes, or backup tools preserving xattrs).

mount -o remount,nouser_xattr,noacl /mount/point
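To confirm the workaround actually took effect on every ext4 filesystem, audit /proc/mounts rather than trusting the remount command's exit status. The following is an added example, not part of the advisory or the kernel project; the /proc/mounts content it parses is constructed sample data, and the function names are ours.

```shell
#!/bin/sh
# Added example (not from the advisory): list ext4 mounts that still lack a
# given mount option, e.g. the nouser_xattr workaround.
# /proc/mounts lines have the form:
#   <device> <mountpoint> <fstype> <options> <dump> <pass>

# Constructed sample in /proc/mounts format (not captured from a real host).
# "/" is ext4 without the workaround, "/home" is ext4 with it, the rest are
# other filesystems and must be ignored.
SAMPLE_MOUNTS='/dev/sda1 / ext4 rw,relatime,errors=remount-ro 0 0
/dev/sdb1 /home ext4 rw,relatime,nouser_xattr,noacl 0 0
tmpfs /tmp tmpfs rw,nosuid,nodev 0 0
/dev/sdc1 /srv xfs rw,relatime 0 0'

# ext4_mounts_missing_opt OPT < mounts-text
# Prints the mountpoint of every ext4 filesystem whose comma-separated option
# list does not contain OPT exactly (so "user_xattr" does not match "nouser_xattr").
ext4_mounts_missing_opt() {
    awk -v opt="$1" '
        $3 == "ext4" {
            n = split($4, o, ",")
            found = 0
            for (i = 1; i <= n; i++) if (o[i] == opt) found = 1
            if (!found) print $2
        }'
}

# audit_workaround: run the check against the live system. Reading
# /proc/mounts needs no privilege. Exit status 1 means at least one ext4
# mount still allows user xattrs.
audit_workaround() {
    missing=$(ext4_mounts_missing_opt nouser_xattr < /proc/mounts)
    if [ -n "$missing" ]; then
        echo "ext4 mounts without nouser_xattr:"
        echo "$missing"
        return 1
    fi
    echo "all ext4 mounts carry nouser_xattr"
}

# Run against the constructed sample: only "/" is reported.
printf '%s\n' "$SAMPLE_MOUNTS" | ext4_mounts_missing_opt nouser_xattr
```

Run `audit_workaround` on a host after remounting; filesystems mounted later (hotplug, containers, automount) will not carry the option unless it is also added to fstab or the mount unit, so re-run it after changes.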

🧯 If You Can't Patch

  • Monitor kernel memory for unusual growth: Slab and SUnreclaim in /proc/meminfo and the buffer_head object count in /proc/slabinfo, compared against a baseline taken on the same workload
  • Contain the triggering workload with cgroup memory limits where possible, and restrict which local users can set xattrs on ext4 (the leak is in kernel memory, so per-process ulimit values such as RLIMIT_AS do not bound it)
  • Plan reboots on a schedule rather than waiting for the OOM killer, since a leaked buffer head is never reclaimed

🔍 How to Verify

Check if Vulnerable:

Determine whether the running kernel contains the referenced fix commit. Distribution kernels backport stable fixes without changing the upstream version string, so the kernel version alone is not conclusive; check the distribution's changelog or security advisory for this CVE identifier. Assume every host with a mounted ext4 filesystem is exposed until the fix is confirmed.

Check Version:

uname -r

Verify Fix Applied:

Confirm that the installed and running kernel (compare `uname -r` with the package version) is the one that ships the fix, by checking the distribution's changelog or advisory for the CVE identifier or the referenced git commit; a kernel package that has been installed but not booted into does not count.

📡 Detection & Monitoring

Log Indicators:

  • Kernel OOM killer messages ("Out of memory: Killed process ...", "oom-kill:") on hosts whose user-space memory use has not grown
  • Steady growth of Slab / SUnreclaim in /proc/meminfo and of the buffer_head object count in /proc/slabinfo that does not fall back under memory pressure
  • Hung-task or soft-lockup warnings and reclaim stalls preceding the OOM event
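A leaked buffer head stays allocated in the kernel's buffer_head slab cache, so its object count in /proc/slabinfo is the most direct indicator. The script below is an added example, not part of the advisory or the kernel project: it parses two slabinfo snapshots and flags growth above a threshold. The two snapshots are constructed sample data, the threshold is arbitrary, and reading the real /proc/slabinfo requires root.

```shell
#!/bin/sh
# Added example (not from the advisory): detect growth of the buffer_head
# slab cache, the allocation that a leaked buffer head reference pins.
# /proc/slabinfo rows look like:
#   name <active_objs> <num_objs> <objsize> <objperslab> <pagesperslab> : tunables ... : slabdata ...
# /proc/slabinfo is readable by root only.

# Two constructed snapshots a few minutes apart (not captured from an
# affected host). Only the buffer_head row is used.
SNAP_T0='slabinfo - version: 2.1
# name            <active_objs> <num_objs> <objsize> <objperslab> <pagesperslab> : tunables <limit> <batchcount> <sharedfactor> : slabdata <active_slabs> <num_slabs> <sharedavail>
ext4_inode_cache   4120   4140   1184   27    8 : tunables    0    0    0 : slabdata    160    160      0
buffer_head       12000  12090    104   39    1 : tunables    0    0    0 : slabdata    310    310      0'
SNAP_T1='slabinfo - version: 2.1
# name            <active_objs> <num_objs> <objsize> <objperslab> <pagesperslab> : tunables <limit> <batchcount> <sharedfactor> : slabdata <active_slabs> <num_slabs> <sharedavail>
ext4_inode_cache   4122   4140   1184   27    8 : tunables    0    0    0 : slabdata    160    160      0
buffer_head       18600  18642    104   39    1 : tunables    0    0    0 : slabdata    478    478      0'

# bh_active_objs: active buffer_head objects from slabinfo text on stdin.
bh_active_objs() {
    awk '$1 == "buffer_head" { print $2; exit }'
}

# growth_pct OLD NEW: integer percentage growth from OLD to NEW (0 if OLD is 0).
growth_pct() {
    if [ "$1" -eq 0 ]; then
        echo 0
        return
    fi
    echo $(( ($2 - $1) * 100 / $1 ))
}

# bh_leak_suspected OLD NEW THRESHOLD_PCT: true (exit 0) when growth >= threshold.
bh_leak_suspected() {
    [ "$(growth_pct "$1" "$2")" -ge "$3" ]
}

# watch_bh INTERVAL_SECONDS THRESHOLD_PCT: sample the live cache twice and
# report. Run as root. buffer_head normally rises and falls with page-cache
# activity, so use a window long enough to cover your workload's cycle and
# compare against a baseline from a known-good host.
watch_bh() {
    old=$(bh_active_objs < /proc/slabinfo)
    sleep "$1"
    new=$(bh_active_objs < /proc/slabinfo)
    if bh_leak_suspected "$old" "$new" "$2"; then
        echo "buffer_head grew ${old} -> ${new} (+$(growth_pct "$old" "$new")%) in $1 s"
        return 1
    fi
    echo "buffer_head ${old} -> ${new}: within threshold"
}

# Run against the constructed snapshots: 12000 -> 18600 is +55%, above 20%.
t0=$(printf '%s\n' "$SNAP_T0" | bh_active_objs)
t1=$(printf '%s\n' "$SNAP_T1" | bh_active_objs)
if bh_leak_suspected "$t0" "$t1" 20; then
    echo "suspected leak: buffer_head ${t0} -> ${t1} (+$(growth_pct "$t0" "$t1")%)"
fi
```

A single threshold crossing is a prompt to investigate, not proof of this CVE: a burst of I/O also raises the count. What distinguishes a leak is that the count never comes back down when the page cache is dropped (`echo 3 > /proc/sys/vm/drop_caches` as root) and keeps ratcheting upward across samples.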

Network Indicators:

  • None - local filesystem vulnerability

SIEM Query:

source="kernel" AND ("Out of memory" OR "oom-kill" OR "memory allocation failure")
