CVE-2026-23153

N/A Unknown

📋 TL;DR

A race condition vulnerability in the Linux kernel's firewire core allows concurrent processing of AR response and AT request completion events without proper locking. This could lead to system instability or crashes. Affects Linux systems with firewire hardware or drivers enabled.

💻 Affected Systems

Products:
  • Linux kernel
Versions: Specific affected versions not specified in CVE, but references indicate stable kernel patches.
Operating Systems: Linux distributions using vulnerable kernel versions
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects systems with firewire hardware/drivers enabled. Many modern systems may not have firewire ports.

⚠️ Manual Verification Required

This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.

Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).

Recommended Actions:
  1. Review the CVE details at NVD
  2. Check vendor security advisories for your specific version
  3. Test if the vulnerability is exploitable in your environment
  4. Consider updating to the latest version as a precaution

⚠️ Risk & Real-World Impact

🔴 Worst Case: Kernel panic or system crash leading to denial of service, potentially allowing local privilege escalation if combined with other vulnerabilities.

🟠 Likely Case: System instability, kernel crashes, or denial of service affecting firewire functionality.

🟢 If Mitigated: Minimal impact if firewire is disabled or unused, with potential for system instability only during specific firewire operations.

🌐 Internet-Facing: LOW - Requires local access to firewire hardware or drivers.
🏢 Internal Only: MEDIUM - Could affect workstations/servers with firewire devices, but requires local access or specific hardware.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Requires local access and specific timing conditions to trigger race condition. Likely requires firewire device interaction.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Kernel versions containing commits 20e01bba2ae4898ce65cdcacd1bd6bec5111abd9 and b038874e31fc3caa0b0d5abd259dd54b918ad4a1

Vendor Advisory: https://git.kernel.org/stable/c/20e01bba2ae4898ce65cdcacd1bd6bec5111abd9

Restart Required: Yes

Instructions:

  1. Update Linux kernel to patched version from distribution vendor.
  2. Reboot system to load new kernel.
  3. Verify kernel version matches patched release.

🔧 Temporary Workarounds

Disable firewire module

Linux

Prevent loading of firewire kernel module to eliminate attack surface

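# blacklist only stops alias autoloading; the install line also refuses loads pulled in as a dependency
echo 'blacklist firewire-core' >> /etc/modprobe.d/blacklist-firewire.conf
echo 'install firewire-core /bin/false' >> /etc/modprobe.d/blacklist-firewire.conf
# fails while dependents such as firewire-ohci are loaded; remove those first
rmmod firewire-core
update-initramfs -u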

🧯 If You Can't Patch

  • Disconnect all firewire devices and disable firewire in BIOS/UEFI if possible.
  • Implement strict access controls to prevent unauthorized local access to systems with firewire hardware.

🔍 How to Verify

Check if Vulnerable:

Check if firewire module is loaded: lsmod | grep firewire. Check kernel version against patched releases.

Check Version:

uname -r

Verify Fix Applied:

Verify kernel version includes the fix commits or is newer than patched release. Confirm firewire functionality works without crashes.
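
An added example, not part of the original advisory: a small shell check that classifies a host's firewire exposure from a /proc/modules-format file and a modprobe.d directory, separating a blacklist entry from an install override that also blocks dependency loads. The function names (fw_loaded, fw_conf_has, fw_status, fw_demo) and the sample files are assumptions made for this illustration.

```shell
#!/bin/sh
# Added example (not from the advisory): classify a host's firewire exposure.
# Inputs are file paths so the logic can be run on constructed samples.

# Print loaded firewire modules from a /proc/modules-format file.
fw_loaded() {
    awk '$1 ~ /^firewire_/ { print $1 }' "$1" 2>/dev/null
}

# Succeed if DIR/*.conf has a "KEYWORD firewire-core" line followed by TAIL (regex).
fw_conf_has() {
    grep -Eqs "^[[:space:]]*$2[[:space:]]+firewire[-_]core$3" "$1"/*.conf
}

# fw_status MODULES_FILE MODPROBE_DIR -> loaded | blocked | blacklist-only | loadable
fw_status() {
    if [ -n "$(fw_loaded "$1")" ]; then
        echo loaded            # driver is in the running kernel
    elif fw_conf_has "$2" install '[[:space:]]+(/usr)?/bin/(false|true)'; then
        echo blocked           # install override: dependency loads are refused too
    elif fw_conf_has "$2" blacklist '[[:space:]]*$'; then
        echo blacklist-only    # alias autoload is off, dependency load still works
    else
        echo loadable          # nothing prevents the module from loading
    fi
}

# Demo on constructed samples (not captured from a real host).
fw_demo() {
    d=$(mktemp -d) || return 1
    printf 'firewire_ohci 49152 0 - Live 0x0\nfirewire_core 81920 1 firewire_ohci, Live 0x0\n' > "$d/mods_on"
    printf 'ext4 1000000 1 - Live 0x0\n' > "$d/mods_off"
    mkdir "$d/bl" "$d/inst" "$d/none"
    echo 'blacklist firewire-core' > "$d/bl/fw.conf"
    echo 'install firewire-core /bin/false' > "$d/inst/fw.conf"
    echo "$(fw_status "$d/mods_on" "$d/inst") $(fw_status "$d/mods_off" "$d/inst")" \
         "$(fw_status "$d/mods_off" "$d/bl") $(fw_status "$d/mods_off" "$d/none")"
    rm -rf "$d"
}

fw_demo   # loaded blocked blacklist-only loadable
```

On a real host, call `fw_status /proc/modules /etc/modprobe.d`. Only that one configuration directory is inspected, so overrides placed in other modprobe.d locations are not seen.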

📡 Detection & Monitoring

Log Indicators:

  • Kernel panic messages in /var/log/kern.log or dmesg
  • Firewire-related error messages or crashes

Network Indicators:

  • None - local hardware vulnerability

SIEM Query:

source="kernel" AND ("panic" OR "Oops" OR "firewire")
