PatchSiren

CVE-2026-23185 Linux CVE debrief

CVE-2026-23185 is a HIGH severity vulnerability in the Linux kernel, with a CVSS score of 7.8. The vulnerability is related to the wifi: iwlwifi: mld component, where the mlo_scan_start_wk work is not canceled on disconnection, leading to potential init-after-queue and use-after-free issues. This vulnerability was published on 2026-02-14T17:15:56.273Z and modified on 2026-06-30T03:17:30.557Z. The CVE record and NVD detail pages provide more information on this vulnerability.

Vendor: Linux
Product: Unknown
CVSS: HIGH 7.8
CISA KEV: Not listed in stored evidence
Original CVE published: 2026-02-14
Original CVE updated: 2026-06-30
Advisory published: 2026-02-14
Advisory updated: 2026-06-30

Who should care

Linux kernel users and administrators should be aware of this vulnerability, as it can potentially lead to system crashes or code execution. Linux distributions, such as Red Hat, have provided information on this vulnerability and potential mitigations.

Technical summary

The mld component of the iwlwifi driver (wifi: iwlwifi: mld) in the Linux kernel does not cancel the mlo_scan_start_wk work item on disconnection. If the work is still queued when, for example, drv_change_interface is executed, the result can be an init-after-queue or a use-after-free. The Common Vulnerabilities and Exposures (CVE) project has assigned a CVSS score of 7.8 to this vulnerability, indicating a HIGH severity level. The vulnerability affects Linux kernel versions 6.17 to 6.18.10, and 6.19 rc1 to rc8.

Defensive priority

This vulnerability has a HIGH severity level and should be prioritized for patching. Linux kernel users and administrators should review the CVE record and NVD detail pages for more information and apply patches as soon as possible.

Recommended defensive actions

  • Review the CVE record and NVD detail pages for more information on this vulnerability.
  • Check if your Linux kernel version is affected by this vulnerability.
  • Apply patches provided by the Linux kernel maintainers or your Linux distribution as soon as possible.
  • Monitor your system for potential issues related to this vulnerability.
  • Consider implementing compensating controls, such as network segmentation or access controls, to reduce the attack surface.
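
One way to carry out the version check from the list above, as an added example that is not part of the CVE record or of this page's source: a POSIX shell function that classifies a `uname -r` string against the ranges given in the technical summary. Treating both ends of each range as inclusive and the module name `iwlmld` are assumptions. Distribution kernels can carry backported fixes, so a match means the vendor advisory still has to be consulted.

```shell
#!/bin/sh
# Added example, not from the CVE record. Ranges are the ones stated on this page:
# 6.17 to 6.18.10, and 6.19 rc1 to rc8 (both ends treated as inclusive: assumption).

# kernel_affected RELEASE
# Returns 0 if RELEASE is inside a listed range, 1 if outside, 2 if unparsable.
kernel_affected() {
    rel=$1
    base=${rel%%-*}                 # "6.18.7-200.fc43.x86_64" -> "6.18.7"
    rc=
    case $rel in
        *-rc[0-9]*) rc=${rel#*-rc}; rc=${rc%%[!0-9]*} ;;   # "6.19.0-rc5+" -> "5"
    esac
    major=${base%%.*}
    rest=${base#*.}
    minor=${rest%%.*}
    patch=0
    case $rest in
        *.*) patch=${rest#*.}; patch=${patch%%[!0-9]*}; patch=${patch:-0} ;;
    esac
    case "$major.$minor" in
        .*|*.|*[!0-9.]*) return 2 ;;            # missing or non-numeric component
    esac
    [ "$major" -eq 6 ] || return 1
    case $minor in
        17) [ -z "$rc" ] ;;                     # 6.17-rcN predates the 6.17 release
        18) [ "$patch" -le 10 ] ;;              # 6.18-rcN up to 6.18.10
        19) [ -n "$rc" ] && [ "$patch" -eq 0 ] && [ "$rc" -ge 1 ] && [ "$rc" -le 8 ] ;;
        *)  return 1 ;;
    esac
}

# report RELEASE: print a triage line for one release string; always returns 0.
report() {
    if kernel_affected "$1"; then
        echo "$1: inside the upstream range; confirm fix status with your distribution"
        # Module name "iwlmld" is an assumption taken from the upstream driver tree.
        if [ -d /sys/module/iwlmld ]; then echo "iwlmld is loaded"
        else echo "iwlmld is not loaded"; fi
    else
        echo "$1: not matched by the ranges listed on this page"
    fi
    return 0
}

report "$(uname -r)"
```
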

Evidence notes

The CVE record and NVD detail pages provide more information on this vulnerability, including its CVSS score, affected versions, and potential mitigations. Linux distributions, such as Red Hat, have provided information on this vulnerability and potential mitigations.

This article is AI-assisted and based on the supplied source corpus.