CVE-2026-23179

N/A Unknown

📋 TL;DR

A race condition in the Linux kernel's NVMe over TCP subsystem can cause a deadlock when a listening socket is closed while processing data. This affects systems using NVMe over TCP storage protocols, potentially causing denial of service. The vulnerability is specific to Linux kernel versions with the affected nvmet-tcp module.

💻 Affected Systems

Products:
  • Linux kernel
Versions: Specific kernel versions containing the vulnerable nvmet-tcp code (check git commits for exact ranges)
Operating Systems: Linux distributions using affected kernel versions
Default Config Vulnerable: ✅ No
Notes: Only vulnerable if NVMe over TCP (nvmet-tcp) module is loaded and in use. Many systems don't use this feature by default.

⚠️ Manual Verification Required

This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.

Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).


Recommended Actions:
  1. Review the CVE details at NVD
  2. Check vendor security advisories for your specific version
  3. Test if the vulnerability is exploitable in your environment
  4. Consider updating to the latest version as a precaution

⚠️ Risk & Real-World Impact

🔴 Worst Case

System hang or kernel panic requiring physical reboot, causing complete unavailability of NVMe over TCP storage services.

🟠 Likely Case

Local denial of service affecting NVMe over TCP connections, potentially disrupting storage operations.

🟢 If Mitigated

Minimal impact if systems are patched or don't use NVMe over TCP functionality.

🌐 Internet-Facing: LOW - NVMe over TCP is typically used in internal storage networks, not directly internet-facing.
🏢 Internal Only: MEDIUM - Affects internal storage infrastructure reliability for systems using NVMe over TCP.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Requires the ability to trigger socket closure during a specific timing window. Likely requires local access or the ability to interact with the NVMe over TCP service.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Kernel versions containing fixes from git commits: 1c90f930e7b410dd2d75a2a19a85e19c64e98ad5, 2fa8961d3a6a1c2395d8d560ffed2c782681bade, 6e0c7503a5803d568d56a9f9bca662cd94a14908, f532b29b0e313f42b964014038b0f52899b240ec

Vendor Advisory: https://git.kernel.org/stable/c/

Restart Required: Yes

Instructions:

  1. Update Linux kernel to version containing the fix commits.
  2. Reboot system to load new kernel.
  3. Verify nvmet-tcp module loads correctly.

🔧 Temporary Workarounds

Disable NVMe over TCP

all

Unload the nvmet-tcp kernel module if not required

modprobe -r nvmet-tcp

Blacklist module

all

Prevent nvmet-tcp module from loading automatically

echo 'blacklist nvmet-tcp' >> /etc/modprobe.d/blacklist.conf

🧯 If You Can't Patch

  • Monitor systems for unexpected hangs or storage service disruptions
  • Implement redundancy for critical NVMe over TCP storage services

🔍 How to Verify

Check if Vulnerable:

Check if nvmet-tcp module is loaded:

lsmod | grep nvmet_tcp

Check kernel version against patched versions.

Check Version:

uname -r

Verify Fix Applied:

Verify kernel version includes fix commits. Test NVMe over TCP functionality remains stable during connection churn.
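
The module check in this section and the blacklist workaround above can be combined into one exposure check. This script is an added example, not part of the original advisory. The function names and state labels are hypothetical, and the ports path assumes configfs is mounted at /sys/kernel/config. It does not tell you whether the running kernel contains the fix commits.

```shell
#!/bin/sh
# Added example: exposure check for the nvmet-tcp target module.
# Paths are parameters so the functions can also run against saved copies.

# Returns 0 if nvmet_tcp appears in a /proc/modules-format file
# (the same data lsmod prints; loaded modules are listed with "_").
nvmet_tcp_loaded() {
    awk '$1 == "nvmet_tcp" { found = 1 } END { exit !found }' "${1:-/proc/modules}"
}

# Returns 0 if a modprobe.d directory holds a "blacklist" line for the module.
# Both spellings are accepted because modprobe treats "-" and "_" alike.
nvmet_tcp_blacklisted() {
    dir="${1:-/etc/modprobe.d}"
    cat "$dir"/*.conf 2>/dev/null |
        awk '$1 == "blacklist" && ($2 == "nvmet-tcp" || $2 == "nvmet_tcp") { f = 1 }
             END { exit !f }'
}

# Prints how many configured nvmet ports use the tcp transport.
nvmet_tcp_port_count() {
    base="${1:-/sys/kernel/config/nvmet/ports}"
    n=0
    for f in "$base"/*/addr_trtype; do
        [ -r "$f" ] || continue
        if [ "$(cat "$f")" = "tcp" ]; then n=$((n + 1)); fi
    done
    echo "$n"
}

# Prints one state label (hypothetical names) from the three checks.
# Arguments: modules file, modprobe.d directory, nvmet ports directory.
nvmet_tcp_exposure() {
    ports=$(nvmet_tcp_port_count "$3")
    if nvmet_tcp_loaded "$1"; then
        if [ "$ports" -gt 0 ]; then echo "IN_USE"; else echo "LOADED_IDLE"; fi
    elif nvmet_tcp_blacklisted "$2"; then
        echo "BLACKLISTED"
    else
        echo "NOT_LOADED"
    fi
}
```

Source the file and call nvmet_tcp_exposure with no arguments to check the live system. IN_USE means the module is loaded and at least one TCP port is configured, which is the case the advisory describes as vulnerable on an unpatched kernel.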

📡 Detection & Monitoring

Log Indicators:

  • Kernel panic logs
  • System hang events
  • NVMe service disruption logs

Network Indicators:

  • Unexpected NVMe over TCP connection drops
  • Storage timeouts

SIEM Query:

Search for kernel panic events or storage service disruption alerts on systems with nvmet-tcp module
