DEBIAN-CVE-2026-23147
- Source
- https://security-tracker.debian.org/tracker/CVE-2026-23147
- Import Source
- https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2026-23147.json
- JSON Data
- https://api.osv.dev/v1/vulns/DEBIAN-CVE-2026-23147
- Upstream
- Published
- 2026-02-14T16:15:54.813Z
- Modified
- 2026-03-18T09:03:09.057279Z
- Severity
-
- 5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
- Summary
- [none]
- Details
-
In the Linux kernel, the following vulnerability has been resolved: btrfs: zlib: fix the folio leak on S390 hardware acceleration [BUG] After commit aa60fe12b4f4 ("btrfs: zlib: refactor S390x HW acceleration buffer preparation"), we no longer release the folio of the page cache of folio returned by btrfscompressfilemapgetfolio() for S390 hardware acceleration path. [CAUSE] Before that commit, we call kumaplocal() and folioput() after handling each folio. Although the timing is not ideal (it release previous folio at the beginning of the loop, and rely on some extra cleanup out of the loop), it at least handles the folio release correctly. Meanwhile the refactored code is easier to read, it lacks the call to release the filemap folio. [FIX] Add the missing folioput() for copydataintobuffer().
- References
Affected packages
Debian:14 / linux
Package
- Name
- linux
- Purl
- pkg:deb/debian/linux?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed6.18.9-1