CVE-2026-23296
- Source
- https://cve.org/CVERecord?id=CVE-2026-23296
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-23296.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2026-23296
- Downstream
- Published
- 2026-03-25T10:26:53.509Z
- Modified
- 2026-04-02T13:12:21.695130Z
- Summary
- scsi: core: Fix refcount leak for tagset_refcnt
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
scsi: core: Fix refcount leak for tagset_refcnt
This leak will cause a hang when tearing down the SCSI host. For example, iscsid hangs with the following call trace:
[130120.652718] scsiallocsdev: Allocation failure during SCSI scanning, some SCSI devices might not be configured
PID: 2528 TASK: ffff9d0408974e00 CPU: 3 COMMAND: "iscsid" #0 [ffffb5b9c134b9e0] __schedule at ffffffff860657d4 #1 [ffffb5b9c134ba28] schedule at ffffffff86065c6f #2 [ffffb5b9c134ba40] schedule_timeout at ffffffff86069fb0 #3 [ffffb5b9c134bab0] __waitforcommon at ffffffff8606674f #4 [ffffb5b9c134bb10] scsiremovehost at ffffffff85bfe84b #5 [ffffb5b9c134bb30] iscsiswtcpsessiondestroy at ffffffffc03031c4 [iscsitcp] #6 [ffffb5b9c134bb48] iscsiifrecvmsg at ffffffffc0292692 [scsitransportiscsi] #7 [ffffb5b9c134bb98] iscsiifrx at ffffffffc02929c2 [scsitransportiscsi] #8 [ffffb5b9c134bbf0] netlinkunicast at ffffffff85e551d6 #9 [ffffb5b9c134bc38] netlinksendmsg at ffffffff85e554ef
- Database specific
{ "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/23xxx/CVE-2026-23296.json", "cna_assigner": "Linux" }- References
-
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- https://git.kernel.org/stable/c/1ac22c8eae81366101597d48360718dff9b9d980
- https://git.kernel.org/stable/c/7c01b680beaf4d3143866b062b8e770e8b237fb8
- https://git.kernel.org/stable/c/944a333c8e4d42256556c1d2ebb6d773a33e0dcd
- https://git.kernel.org/stable/c/9f5e4abed9248448aa1b45b12ab0bea4d329b56a
- https://git.kernel.org/stable/c/a03d96598d39fdf605d90731db3ef3b13fb8bdc8
- https://git.kernel.org/stable/c/ec5c17c687b189dbc09dfdec11b669caa40bc395
- https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/23xxx/CVE-2026-23296.json
- https://nvd.nist.gov/vuln/detail/CVE-2026-23296
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced8fe4ce5836e932f5766317cb651c1ff2a4cd0506Fixed9f5e4abed9248448aa1b45b12ab0bea4d329b56aFixed7c01b680beaf4d3143866b062b8e770e8b237fb8Fixedec5c17c687b189dbc09dfdec11b669caa40bc395Fixed944a333c8e4d42256556c1d2ebb6d773a33e0dcdFixeda03d96598d39fdf605d90731db3ef3b13fb8bdc8Fixed1ac22c8eae81366101597d48360718dff9b9d980
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedLast affected5ce8fad941233e81f2afb5b52a3fcddd3ba8732fLast affectedf818708eeeae793e12dc39f8984ed7732048a7d9Last affected2e7eb4c1e8af8385de22775bd0be552f59b28c9a