CVE-2026-23183
📋 TL;DR
A NULL pointer dereference vulnerability in the Linux kernel's cgroup/dmem subsystem allows local attackers to trigger a kernel panic (denial of service) by writing invalid data to the dmem.max control file. This affects systems using the dmem cgroup controller with Linux kernel versions containing the vulnerable code. Only local users with write access to cgroup control files can exploit this.
💻 Affected Systems
- Linux kernel
⚠️ Manual Verification Required
This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.
Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).
🔒 Custom verification scripts are available for registered users. Sign up free to download automated test scripts.
- Review the CVE details at NVD
- Check vendor security advisories for your specific version
- Test if the vulnerability is exploitable in your environment
- Consider updating to the latest version as a precaution
⚠️ Risk & Real-World Impact
Worst Case
Kernel panic leading to system crash and denial of service, potentially causing data loss or service disruption.
Likely Case
Local denial of service through kernel panic, requiring system reboot to recover.
If Mitigated
No impact if proper access controls prevent unauthorized users from writing to cgroup control files.
🎯 Exploit Status
Exploitation requires local access and knowledge of cgroup interface. The vulnerability was discovered through normal testing/development.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Patched in kernel commits 43151f812886be1855d2cba059f9c93e4729460b and c13816e8fa23deec6a8d7465d9e637fd02683b5c
Vendor Advisory: https://git.kernel.org/stable/c/43151f812886be1855d2cba059f9c93e4729460b
Restart Required: Yes
Instructions:
1. Update Linux kernel to version containing fixes. 2. Check with distribution vendor for backported patches. 3. Reboot system after kernel update.
🔧 Temporary Workarounds
Restrict cgroup access
allLimit write access to dmem cgroup control files to prevent unauthorized users from triggering the vulnerability.
chmod 644 /sys/fs/cgroup/dmem.max
chown root:root /sys/fs/cgroup/dmem.max
Disable dmem cgroup controller
allRemove dmem from cgroup controllers if not required for system functionality.
echo "-dmem" > /sys/fs/cgroup/cgroup.subtree_control
🧯 If You Can't Patch
- Implement strict access controls on cgroup filesystems
- Monitor for unauthorized cgroup write attempts and system crashes
🔍 How to Verify
Check if Vulnerable:
Check kernel version and if dmem cgroup controller is active: cat /proc/cgroups | grep dmemCheck Version:
uname -rVerify Fix Applied:
Verify kernel version is newer than vulnerable version and test writing to dmem.max with invalid input no longer causes crash📡 Detection & Monitoring
Log Indicators:
- Kernel panic logs with NULL pointer dereference in dmemcg_limit_write
- System crash/reboot events following cgroup write operations
Network Indicators:
- None - local vulnerability only
SIEM Query:
Search for kernel logs containing 'dmemcg_limit_write' or 'NULL pointer dereference' in cgroup context