{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-06T18:38:02.878","vulnerabilities":[{"cve":{"id":"CVE-2026-23223","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2026-02-18T16:22:32.037","lastModified":"2026-03-18T14:46:29.523","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nxfs: fix UAF in xchk_btree_check_block_owner\n\nWe cannot dereference bs->cur when trying to determine if bs->cur\naliases bs->sc->sa.{bno,rmap}_cur after the latter has been freed.\nFix this by sampling before type before any freeing could happen.\nThe correct temporal ordering was broken when we removed xfs_btnum_t."},{"lang":"es","value":"Se ha resuelto la siguiente vulnerabilidad en el kernel de Linux:\n\nxfs: se corrige UAF en xchk_btree_check_block_owner\n\nNo podemos desreferenciar bs->cur al intentar determinar si bs->cur es un alias de bs->sc->sa.{bno,rmap}_cur después de que este último haya sido liberado. Esto se soluciona muestreando el tipo antes de que pudiera ocurrir cualquier liberación. El orden temporal correcto se rompió cuando eliminamos xfs_btnum_t."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-416"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.9","versionEndExcluding":"6.12.72","matchCriteriaId":"BC3EBF44-550D-4B5C-9CD4-93342B1A49F4"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.13","versionEndExcluding":"6.18.11","matchCriteriaId":"7099A9EC-3D54-4424-BF01-7224EF88C79C"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.19","versionEndExcluding":"6.19.1","matchCriteriaId":"EE543C0D-A06B-414F-A403-CB1E088F261E"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/1c253e11225bc5167217897885b85093e17c2217","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/1d411278dda293a507cb794db7d9ed3511c685c6","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/ba5264610423d9653aa36920520902d83841bcfd","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/ed82e7949f5cac3058f4100f3cd670531d41a266","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]}]}}]}