Vulnerability Description
In the Linux kernel, the following vulnerability has been resolved: scsi: xen: scsiback: Fix potential memory leak in scsiback_remove() Memory allocated for struct vscsiblk_info in scsiback_probe() is not freed in scsiback_remove() leading to potential memory leaks on remove, as well as in the scsiback_probe() error paths. Fix that by freeing it in scsiback_remove().
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Linux | Linux Kernel | >= 3.18, < 5.10.249 |
Related Weaknesses (CWE)
References
- https://git.kernel.org/stable/c/24c441f0e24da175d7912095663f526ac480dc4fPatch
- https://git.kernel.org/stable/c/32e52b56056daf0f0881fd9254706acf25b4be97Patch
- https://git.kernel.org/stable/c/427b0fb30ddec3bad05dcd73b00718f98c7026d2Patch
- https://git.kernel.org/stable/c/4a975c72429b050c234405668b742cdecc11548ePatch
- https://git.kernel.org/stable/c/901a5f309daba412e2a30364d7ec1492fa11c32cPatch
- https://git.kernel.org/stable/c/a8bb3ec8d85951a56af0a72d93ccbc2aee42eef9Patch
- https://git.kernel.org/stable/c/f86264ec0e2b102fcd49bf3e4f32fee669d482fcPatch
FAQ
What is CVE-2026-23087?
CVE-2026-23087 is a vulnerability with a CVSS score of 5.5 (MEDIUM). In the Linux kernel, the following vulnerability has been resolved: scsi: xen: scsiback: Fix potential memory leak in scsiback_remove() Memory allocated for struct vscsiblk_info in scsiback_probe() ...
How severe is CVE-2026-23087?
CVE-2026-23087 has been rated MEDIUM with a CVSS base score of 5.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2026-23087?
Check the references section above for vendor advisories and patch information. Affected products include: Linux Linux Kernel.