CVE-2026-23168

N/A Unknown

📋 TL;DR

A race condition in the Linux kernel's flexible proportions subsystem can cause indefinite loops when writeout throughput limits are configured. This affects systems using FUSE filesystems or other configurations with maximum writeout fraction settings. The vulnerability requires specific timing conditions between timer interrupts and hardware interrupts.

💻 Affected Systems

Products:
  • Linux kernel
Versions: Specific affected versions not explicitly stated in CVE, but patches available for multiple stable branches
Operating Systems: Linux distributions using vulnerable kernel versions
Default Config Vulnerable: ✅ No
Notes: Only vulnerable when maximum writeout throughput fraction is configured (rare in general, frequent for FUSE bdis)

⚠️ Manual Verification Required

This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.

Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).


Recommended Actions:
  1. Review the CVE details at NVD
  2. Check vendor security advisories for your specific version
  3. Test if the vulnerability is exploitable in your environment
  4. Consider updating to the latest version as a precaution

⚠️ Risk & Real-World Impact

🔴 Worst Case

System hangs or becomes unresponsive due to indefinite loops in kernel code, potentially requiring hard reboot.

🟠 Likely Case

System instability or performance degradation under specific workloads with FUSE filesystems.

🟢 If Mitigated

No impact for systems without maximum writeout fraction configuration (most common configurations).

🌐 Internet-Facing: LOW - Requires local access and specific kernel configuration.
🏢 Internal Only: LOW - Requires local access, specific configuration, and precise timing conditions.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Requires local access, specific kernel configuration, and precise timing between softirq and hardirq contexts

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Multiple stable kernel versions with commits referenced in CVE

Vendor Advisory: https://git.kernel.org/stable/c/0acc9ba7a1b5ba4d998c5753e709be904e179b75

Restart Required: Yes

Instructions:

1. Update the Linux kernel to the patched version from your distribution vendor.
2. Reboot the system to load the new kernel.

🔧 Temporary Workarounds

Disable maximum writeout fraction

all

Avoid configuring maximum writeout throughput fraction for block devices

# Check current configuration:
cat /sys/block/*/bdi/max_ratio
# Set to default (100):
echo 100 > /sys/block/[device]/bdi/max_ratio

🧯 If You Can't Patch

  • Avoid using FUSE filesystems or disable maximum writeout fraction configuration
  • Monitor system for hangs or performance issues and have reboot procedures ready

🔍 How to Verify

Check if Vulnerable:

Check the kernel version and whether a maximum writeout fraction is configured on any block device (grep prints the path of each max_ratio that is not the default 100): uname -r && grep -v '^100$' /sys/block/*/bdi/max_ratio
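As an added audit helper (not part of the CVE record), this POSIX sh function lists every writeback bdi whose max_ratio is not the default 100. It scans /sys/class/bdi rather than /sys/block/*/bdi because FUSE mounts have no block device: their bdis appear only under /sys/class/bdi (named major:minor) and FUSE sets their max_ratio to 1 at mount time, so the block-device check above misses exactly the case the record calls frequent. The optional BDI_ROOT argument is an assumption added so the function can be exercised against a constructed directory tree.

```shell
#!/bin/sh
# Added audit helper, not from the CVE record or the kernel project.
# Lists every bdi under BDI_ROOT (default /sys/class/bdi) whose max_ratio
# is not 100. FUSE bdis live here as "0:NN" entries and default to 1.

# Usage: audit_bdi_max_ratio [BDI_ROOT]
# Prints "<bdi> <max_ratio>" per non-default bdi; returns 1 if any were
# found, 0 if every bdi is at the default (or none were readable).
audit_bdi_max_ratio() {
    root=${1:-/sys/class/bdi}
    found=0
    for f in "$root"/*/max_ratio; do
        # An unexpanded glob or an unreadable attribute is skipped.
        [ -r "$f" ] || continue
        ratio=$(cat "$f")
        if [ "$ratio" != "100" ]; then
            printf '%s %s\n' "$(basename "$(dirname "$f")")" "$ratio"
            found=1
        fi
    done
    return "$found"
}

# Number of non-default bdis, convenient for scripted checks (0 = none).
count_nondefault_bdis() {
    audit_bdi_max_ratio "$1" | wc -l | tr -d ' '
}
```

Source the file and run audit_bdi_max_ratio with no argument on the host; a non-empty list means a writeout fraction is in effect and the patched kernel is the only durable fix, since resetting a FUSE bdi via sysfs is undone at the next mount.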

Check Version:

uname -r

Verify Fix Applied:

Confirm that the running kernel is the updated version and that the fix commits referenced by the CVE are present in its source.

📡 Detection & Monitoring

Log Indicators:

  • Kernel hangs
  • System becomes unresponsive
  • High CPU usage in kernel threads

Network Indicators:

  • None - local kernel issue

SIEM Query:

Search for kernel panic messages, system hang alerts, or watchdog timeouts
