CVE-2026-23251

CVE-2026-23251

In the Linux kernel, the following vulnerability has been resolved: xfs: only call xf{array,blob}_destroy if we have a valid pointer Only call the xfarray and xfblob destructor if we have a valid pointer, and be sure to null out that pointer afterwards. Note that this patch fixes a large number of commits, most of which were merged between 6.9 and 6.10.

CVE-2026-23251

A NULL pointer dereference vulnerability was found in the Linux kernel's XFS filesystem. The xfarray_destroy() and xfblob_destroy() functions are called without checking if the pointer is valid. When these destructors are invoked on NULL pointers during cleanup paths, a kernel crash occurs. The fix adds NULL checks before calling the destructors and nullifies the pointers afterward to prevent double-free issues.

CVE-2026-23251

In the Linux kernel, the following vulnerability has been resolved: xfs: only call xf{array,blob}_destroy if we have a valid pointer Only call the xfarray and xfblob destructor if we have a valid pointer, and be sure to null out that pointer afterwards. Note that this patch fixes a large number of commits, most of which were merged between 6.9 and 6.10.

GHSA-h6jp-94m7-xf6p

In the Linux kernel, the following vulnerability has been resolved: xfs: only call xf{array,blob}_destroy if we have a valid pointer Only call the xfarray and xfblob destructor if we have a valid pointer, and be sure to null out that pointer afterwards. Note that this patch fixes a large number of commits, most of which were merged between 6.9 and 6.10.

BDU:2026-03487

Уязвимость функции xfarray_destroy() и xfblob_destroy() ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании