Zero Day MonitorZDM

← Back to list

—

CVE-2026-23421EXPLOITEDPATCHED

linux · linux kernel

drm/xe/configfs: Free ctx_restore_mid_bb in release

Description

A vulnerability has been found in Linux Kernel up to 6.18.16/6.19.6/7.0-rc2 and classified as critical. This affects the function wa_bb_store of the component configfs. This manipulation causes allocation of resources.

Affected Products

Vendor	Product	Versions
linux	linux kernel	b30d5de3d40c3fa642079bac0d91f17091c5f877, b30d5de3d40c3fa642079bac0d91f17091c5f877, b30d5de3d40c3fa642079bac0d91f17091c5f877, 6.18, 6.18.16, 6.19.6, 7.0-rc2

References

Related News (2 articles)

Tier C

VulDB6h ago

CVE-2026-23421 | Linux Kernel up to 6.18.16/6.19.6/7.0-rc2 configfs wa_bb_store allocation of resources

→ No new info (linked only)

Tier C

Linux Kernel CVEs7h ago

CVE-2026-23421: drm/xe/configfs: Free ctx_restore_mid_bb in release

→ No new info (linked only)

CISA KEV❌ No

Actively exploited✅ Yes

Patch available

7f971dfd48983074adc7bbcea3ee95ce7aad47cb3557359ea3df32430ea7c30f7a708ca9a91d7e0ee377182f0266f46f02d01838e6bde67b9dac0d6606.18.176.19.77.0-rc3

CWECWE-401

PublishedApr 3, 2026

Last enriched5h agov2

Tags

CVE-2026-23421

Trending Score60

Source articles2

Independent2

Info Completeness8/14

Missing: cvss, epss, kev, exploit, iocs, mitre_attack

Community Vote

0 upvotes0 downvotes

No votes yet

Related CVEs (5)

CRITICALCVE-2026-23461EXP

Bluetooth: L2CAP: Fix use-after-free in l2cap_unregister_user

CRITICALCVE-2026-23475EXP

spi: fix statistics allocation

CRITICALCVE-2026-23452EXP

PM: runtime: Fix a race condition related to device removal

CRITICALCVE-2026-23443EXP

ACPI: processor: Fix previous acpi_processor_errata_piix4() fix

CRITICALCVE-2026-23467EXP

drm/i915/dmc: Fix an unlikely NULL pointer deference at probe

Pin to Dashboard

Verification

State: unverified

Confidence: 0%

Vulnerability Timeline

CVE Published

Apr 3, 2026

Discovered by ZDM

Apr 3, 2026

Actively Exploited

Apr 3, 2026

Patch Available

Apr 3, 2026

Updated: description, severity, affectedVersions, activelyExploited, cweIds, tags

Apr 3, 2026

Version History

v2

Last enriched 5h ago

v2Tier C5h ago

Updated description with critical severity, added affected versions 6.18.16, 6.19.6, 7.0-rc2, and noted that no exploit is available.

descriptionseverityaffectedVersionsactivelyExploitedcweIdstags

via VulDB

v16h ago

Initial creation