Linux Kernel XFS UAF via xchk_btree_check_block_owner
CVE-2026-23223 Published on February 18, 2026
xfs: fix UAF in xchk_btree_check_block_owner
In the Linux kernel, the following vulnerability has been resolved:
xfs: fix UAF in xchk_btree_check_block_owner
We cannot dereference bs->cur when trying to determine if bs->cur
aliases bs->sc->sa.{bno,rmap}_cur after the latter has been freed.
Fix this by sampling before type before any freeing could happen.
The correct temporal ordering was broken when we removed xfs_btnum_t.
Products Associated with CVE-2026-23223
You can be notified by email with stack.watch whenever vulnerabilities like CVE-2026-23223 are published in Linux Kernel:
Affected Versions
Linux:- Version ec793e690f801d97a7ae2a0d429fea1fee4d44aa and below 1d411278dda293a507cb794db7d9ed3511c685c6 is affected.
- Version ec793e690f801d97a7ae2a0d429fea1fee4d44aa and below ed82e7949f5cac3058f4100f3cd670531d41a266 is affected.
- Version ec793e690f801d97a7ae2a0d429fea1fee4d44aa and below ba5264610423d9653aa36920520902d83841bcfd is affected.
- Version ec793e690f801d97a7ae2a0d429fea1fee4d44aa and below 1c253e11225bc5167217897885b85093e17c2217 is affected.
- Version 6.9 is affected.
- Before 6.9 is unaffected.
- Version 6.12.72, <= 6.12.* is unaffected.
- Version 6.18.11, <= 6.18.* is unaffected.
- Version 6.19.1, <= 6.19.* is unaffected.
- Version 7.0-rc1, <= * is unaffected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.