#VU122844 Memory leak in Linux kernel - CVE-2026-23198
Published: February 16, 2026
Vulnerability identifier: #VU122844
Vulnerability risk: Low
CVSSv4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2026-23198
CWE-ID: CWE-401
Exploitation vector: Local access
Exploit availability:
No public exploit available
Vulnerable software:
Linux kernel
Linux kernel
Software vendor:
Linux Foundation
Linux Foundation
Description
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the irqfd_shutdown(), irqfd_wakeup() and kvm_irqfd_deassign() functions in virt/kvm/eventfd.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's repository.
External links
- https://git.kernel.org/stable/c/2284bc168b148a17b5ca3b37b3d95c411f18a08d
- https://git.kernel.org/stable/c/4385b2f2843549bfb932e0dcf76bf4b065543a3c
- https://git.kernel.org/stable/c/6d14ba1e144e796b5fc81044f08cfba9024ca195
- https://git.kernel.org/stable/c/959a063e7f12524bc1871ad1f519787967bbcd45
- https://git.kernel.org/stable/c/b4d37cdb77a0015f51fee083598fa227cc07aaf1
- https://git.kernel.org/stable/c/b61f9b2fcf181451d0a319889478cc53c001123e
- https://git.kernel.org/stable/c/ff48c9312d042bfbe826ca675e98acc6c623211c