CVE-2026-23296

MEDIUM EPSS 2.4%
Published Mar 25, 20263mo ago · Modified Jun 17, 20261w ago
5.5 CVSS 3.1
Medium
Find Similar
Published Mar 25, 2026 3mo ago
Last Modified Jun 17, 2026 1w ago

Description

In the Linux kernel, the following vulnerability has been resolved: scsi: core: Fix refcount leak for tagset_refcnt This leak will cause a hang when tearing down the SCSI host. For example, iscsid hangs with the following call trace: [130120.652718] scsi_alloc_sdev: Allocation failure during SCSI scanning, some SCSI devices might not be configured PID: 2528 TASK: ffff9d0408974e00 CPU: 3 COMMAND: "iscsid" #0 [ffffb5b9c134b9e0] __schedule at ffffffff860657d4 #1 [ffffb5b9c134ba28] schedule at ffffffff86065c6f #2 [ffffb5b9c134ba40] schedule_timeout at ffffffff86069fb0 #3 [ffffb5b9c134bab0] __wait_for_common at ffffffff8606674f #4 [ffffb5b9c134bb10] scsi_remove_host at ffffffff85bfe84b #5 [ffffb5b9c134bb30] iscsi_sw_tcp_session_destroy at ffffffffc03031c4 [iscsi_tcp] #6 [ffffb5b9c134bb48] iscsi_if_recv_msg at ffffffffc0292692 [scsi_transport_iscsi] #7 [ffffb5b9c134bb98] iscsi_if_rx at ffffffffc02929c2 [scsi_transport_iscsi] #8 [ffffb5b9c134bbf0] netlink_unicast at ffffffff85e551d6 #9 [ffffb5b9c134bc38] netlink_sendmsg at ffffffff85e554ef

CVSS Details

Base Score
5.5
Exploitability
1.8
Impact
3.6
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability High

Threat Intelligence

EPSS Exploit Probability
2.4% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Affected Products 14

VendorProductVersionRange
linuxlinux_kernel*≥5.10.223  –  <5.11
linuxlinux_kernel*≥5.15.164  –  <5.15.203
linuxlinux_kernel*≥5.19.12  –  <6.0
linuxlinux_kernel*≥6.0.1  –  <6.1.167
linuxlinux_kernel*≥6.2  –  <6.6.130
linuxlinux_kernel*≥6.7  –  <6.12.77
linuxlinux_kernel*≥6.13  –  <6.18.17
linuxlinux_kernel*≥6.19  –  <6.19.7
linuxlinux_kernel6.0any
linuxlinux_kernel6.0any
linuxlinux_kernel6.0any
linuxlinux_kernel6.0any
linuxlinux_kernel7.0any
linuxlinux_kernel7.0any

References 7

  • git.kernel.org https://git.kernel.org/stable/c/0e274674714427dc578bb99db5b86e312d2b57f8
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/1ac22c8eae81366101597d48360718dff9b9d980
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/7c01b680beaf4d3143866b062b8e770e8b237fb8
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/944a333c8e4d42256556c1d2ebb6d773a33e0dcd
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/9f5e4abed9248448aa1b45b12ab0bea4d329b56a
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/a03d96598d39fdf605d90731db3ef3b13fb8bdc8
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/ec5c17c687b189dbc09dfdec11b669caa40bc395
    Patch

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/0e274674714427dc578bb99db5b86e312d2b57f8
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/1ac22c8eae81366101597d48360718dff9b9d980
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/7c01b680beaf4d3143866b062b8e770e8b237fb8
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/944a333c8e4d42256556c1d2ebb6d773a33e0dcd
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/9f5e4abed9248448aa1b45b12ab0bea4d329b56a
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/a03d96598d39fdf605d90731db3ef3b13fb8bdc8
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/ec5c17c687b189dbc09dfdec11b669caa40bc395
    Patch