PatchSiren cyber security CVE debrief

CVE-2026-23250 Linux CVE debrief

CVE-2026-23250 was published on 2026-03-18 and concerns a Linux kernel XFS bug in the scrub helper path. The advisory says xchk_scrub_create_subord should return NULL rather than a mangled ENOMEM value, and callers must check for NULL and return ENOMEM. NVD rates the issue Medium with high availability impact and no confidentiality or integrity impact, which points to a local denial-of-service risk rather than data compromise.

Vendor: Linux
Product: Unknown
CVSS: MEDIUM 5.5
CISA KEV: Not listed in stored evidence
Original CVE published: 2026-03-18
Original CVE updated: 2026-05-21
Advisory published: 2026-03-18
Advisory updated: 2026-05-21

Who should care

Linux kernel maintainers, distro security teams, and administrators of systems that rely on affected Linux kernel builds, especially hosts using XFS and deployments that include the affected scrub code paths.

Technical summary

The supplied description identifies a null-pointer handling flaw in Linux kernel XFS scrub logic: xchk_scrub_create_subord was returning an incorrect ENOMEM-related value instead of NULL, and callers were not reliably checking for a NULL pointer before proceeding. NVD maps the weakness to CWE-476 and scores the issue CVSS 3.1 AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H, indicating a local attack surface with primary availability impact. NVD’s affected CPE criteria list Linux kernel ranges 6.10 through 6.12.75, 6.13 through 6.18.16, and 6.19 through 6.19.6. The advisory text also notes that most corrections relate to code merged between 6.2 and 6.10, which is useful context for backporting and review of vendor kernels.
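
The return-contract mismatch the description points at, as an added user-space C illustration that is not the XFS code: a hypothetical subordinate-scrub helper that hands back an error-encoded pointer instead of NULL beside the corrected NULL-returning form, with a caller that checks for NULL and returns -ENOMEM as the advisory prescribes. The struct, the function names and the allocation-failure hook are constructed for the example, and because the supplied material does not say how the real helper encoded the bad value, the -ENOMEM-as-pointer encoding is an assumption.

```c
#include <errno.h>
#include <stdint.h>
#include <stdlib.h>

/* Constructed stand-in for a subordinate scrub context; not the XFS struct. */
struct subord { int depth; };
/* Test hook (constructed): nonzero makes every allocation fail, so the out-of-memory path runs deterministically. */
static int force_alloc_failure;
static void *ctx_alloc(size_t n) { return force_alloc_failure ? NULL : calloc(1, n); }

/* The pattern the advisory describes: on failure the helper returns a pointer-sized encoding of
 * -ENOMEM instead of NULL. It is non-NULL, so a caller testing only "if (!s)" treats it as an object. */
static struct subord *create_subord_buggy(void)
{
	struct subord *s = ctx_alloc(sizeof(*s));
	if (!s)
		return (struct subord *)(intptr_t)-ENOMEM; /* the "mangled" value (assumed encoding) */
	return s;
}

/* Corrected contract: NULL on failure, nothing else. */
static struct subord *create_subord_fixed(void)
{
	return ctx_alloc(sizeof(struct subord));
}

/* Caller written as the advisory prescribes: check for NULL and return -ENOMEM, 0 on success.
 * 'oom' arms the test hook for this one call. Only safe when the helper honours the NULL contract. */
static int run_subord(struct subord *(*create)(void), int oom)
{
	force_alloc_failure = oom;
	struct subord *s = create();
	force_alloc_failure = 0;
	if (!s)
		return -ENOMEM;
	s->depth = 1; /* with the buggy helper under OOM this is a wild write */
	free(s);
	return 0;
}

/* Contract check: 1 if the helper returns NULL when allocation fails, else 0.
 * Never dereferences the result, so it is safe to run on the buggy variant. */
static int returns_null_on_oom(struct subord *(*create)(void))
{
	force_alloc_failure = 1;
	struct subord *s = create();
	force_alloc_failure = 0;
	return s == NULL;
}
```

The contract check is the kind of assertion a unit test or a fault-injection run can make against any allocation helper whose callers are written for a NULL-on-failure convention.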

Defensive priority

Medium. The issue is locally exploitable and primarily affects availability, so it is important for systems that expose XFS-related maintenance paths or run kernels in the affected ranges, but it does not indicate code execution or data exposure in the supplied material.

Recommended defensive actions

  • Upgrade Linux kernel packages to versions that include the vendor or upstream fix for CVE-2026-23250.
  • Check whether your distribution has backported the XFS scrub fix into supported kernel streams, since affected version ranges may differ from upstream CPE ranges.
  • Prioritize hosts that use XFS and run kernels in the NVD-listed vulnerable ranges: 6.10-6.12.75, 6.13-6.18.16, and 6.19-6.19.6.
  • Review change management and maintenance windows for kernel rollout, especially on systems where unexpected availability loss is costly.
  • After remediation, verify the installed kernel build and vendor advisory status to confirm the fix is actually present.

Evidence notes

This debrief is based only on the supplied CVE metadata, the NVD record metadata, and the official references listed there. The description states the XFS helper should return NULL and callers should check for NULL and return ENOMEM. NVD provides the CVSS vector, CWE-476 mapping, and vulnerable CPE ranges. The kernel.org links are official patch references cited by NVD, but their contents were not independently expanded beyond the metadata supplied here.

Official resources

CVE published 2026-03-18 and last modified 2026-05-21. No KEV listing was supplied for this CVE.