CVE-2026-23296

In the Linux kernel, the following vulnerability has been resolved: scsi: core: Fix refcount leak for tagset_refcnt This leak will cause a hang when tearing down the SCSI host. For example, iscsid hangs with the following call trace: [130120.652718] scsi_alloc_sdev: Allocation failure during SCSI scanning, some SCSI devices might not be configured PID: 2528 TASK: ffff9d0408974e00 CPU: 3 COMMAND: "iscsid" #0 [ffffb5b9c134b9e0] __schedule at ffffffff860657d4 #1 [ffffb5b9c134ba28] schedule at ffffffff86065c6f #2 [ffffb5b9c134ba40] schedule_timeout at ffffffff86069fb0 #3 [ffffb5b9c134bab0] __wait_for_common at ffffffff8606674f #4 [ffffb5b9c134bb10] scsi_remove_host at ffffffff85bfe84b #5 [ffffb5b9c134bb30] iscsi_sw_tcp_session_destroy at ffffffffc03031c4 [iscsi_tcp] #6 [ffffb5b9c134bb48] iscsi_if_recv_msg at ffffffffc0292692 [scsi_transport_iscsi] #7 [ffffb5b9c134bb98] iscsi_if_rx at ffffffffc02929c2 [scsi_transport_iscsi] #8 [ffffb5b9c134bbf0] netlink_unicast at ffffffff85e551d6 #9 [ffffb5b9c134bc38] netlink_sendmsg at ffffffff85e554ef

CVSS v3 5.5 MEDIUM

5.5^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://git.kernel.org/stable/c/0e274674714427dc578bb99db5b86e312d2b57f8	Patch
https://git.kernel.org/stable/c/1ac22c8eae81366101597d48360718dff9b9d980	Patch
https://git.kernel.org/stable/c/7c01b680beaf4d3143866b062b8e770e8b237fb8	Patch
https://git.kernel.org/stable/c/944a333c8e4d42256556c1d2ebb6d773a33e0dcd	Patch
https://git.kernel.org/stable/c/9f5e4abed9248448aa1b45b12ab0bea4d329b56a	Patch
https://git.kernel.org/stable/c/a03d96598d39fdf605d90731db3ef3b13fb8bdc8	Patch
https://git.kernel.org/stable/c/ec5c17c687b189dbc09dfdec11b669caa40bc395	Patch

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel:6.0:-::::::
	cpe:2.3:o:linux:linux_kernel:6.0:rc5::::::
	cpe:2.3:o:linux:linux_kernel:6.0:rc6::::::
	cpe:2.3:o:linux:linux_kernel:6.0:rc7::::::
	cpe:2.3:o:linux:linux_kernel:7.0:rc1::::::
	cpe:2.3:o:linux:linux_kernel:7.0:rc2::::::

History

26 May 2026, 15:06

Type	Values Removed	Values Added
CWE		NVD-CWE-Other
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 5.5
References	~~() https://git.kernel.org/stable/c/0e274674714427dc578bb99db5b86e312d2b57f8 -~~	() https://git.kernel.org/stable/c/0e274674714427dc578bb99db5b86e312d2b57f8 - Patch
References	~~() https://git.kernel.org/stable/c/1ac22c8eae81366101597d48360718dff9b9d980 -~~	() https://git.kernel.org/stable/c/1ac22c8eae81366101597d48360718dff9b9d980 - Patch
References	~~() https://git.kernel.org/stable/c/7c01b680beaf4d3143866b062b8e770e8b237fb8 -~~	() https://git.kernel.org/stable/c/7c01b680beaf4d3143866b062b8e770e8b237fb8 - Patch
References	~~() https://git.kernel.org/stable/c/944a333c8e4d42256556c1d2ebb6d773a33e0dcd -~~	() https://git.kernel.org/stable/c/944a333c8e4d42256556c1d2ebb6d773a33e0dcd - Patch
References	~~() https://git.kernel.org/stable/c/9f5e4abed9248448aa1b45b12ab0bea4d329b56a -~~	() https://git.kernel.org/stable/c/9f5e4abed9248448aa1b45b12ab0bea4d329b56a - Patch
References	~~() https://git.kernel.org/stable/c/a03d96598d39fdf605d90731db3ef3b13fb8bdc8 -~~	() https://git.kernel.org/stable/c/a03d96598d39fdf605d90731db3ef3b13fb8bdc8 - Patch
References	~~() https://git.kernel.org/stable/c/ec5c17c687b189dbc09dfdec11b669caa40bc395 -~~	() https://git.kernel.org/stable/c/ec5c17c687b189dbc09dfdec11b669caa40bc395 - Patch
CPE		cpe:2.3:o:linux:linux_kernel:7.0:rc1:::::: cpe:2.3:o:linux:linux_kernel:6.0:rc6:::::: cpe:2.3:o:linux:linux_kernel:6.0:rc7:::::: cpe:2.3:o:linux:linux_kernel:::::::: cpe:2.3:o:linux:linux_kernel:6.0:rc5:::::: cpe:2.3:o:linux:linux_kernel:7.0:rc2:::::: cpe:2.3:o:linux:linux_kernel:6.0:-::::::
First Time		Linux Linux linux Kernel

18 Apr 2026, 09:16

Type	Values Removed	Values Added
References		() https://git.kernel.org/stable/c/0e274674714427dc578bb99db5b86e312d2b57f8 -
Summary		(es) En el kernel de Linux, la siguiente vulnerabilidad ha sido resuelta: scsi: core: Corrección de fuga de contador de referencias para tagset_refcnt Esta fuga causará un cuelgue al desmontar el host SCSI. Por ejemplo, iscsid se cuelga con el siguiente rastreo de llamadas: [130120.652718] scsi_alloc_sdev: Fallo de asignación durante el escaneo SCSI, algunos dispositivos SCSI podrían no estar configurados PID: 2528 TAREA: ffff9d0408974e00 CPU: 3 COMANDO: iscsid #0 [ffffb5b9c134b9e0] __schedule at ffffffff860657d4 #1 [ffffb5b9c134ba28] schedule at ffffffff86065c6f #2 [ffffb5b9c134ba40] schedule_timeout at ffffffff86069fb0 #3 [ffffb5b9c134bab0] __wait_for_common at ffffffff8606674f #4 [ffffb5b9c134bb10] scsi_remove_host at ffffffff85bfe84b #5 [ffffb5b9c134bb30] iscsi_sw_tcp_session_destroy at ffffffffc03031c4 [iscsi_tcp] #6 [ffffb5b9c134bb48] iscsi_if_recv_msg at ffffffffc0292692 [scsi_transport_iscsi] #7 [ffffb5b9c134bb98] iscsi_if_rx at ffffffffc02929c2 [scsi_transport_iscsi] #8 [ffffb5b9c134bbf0] netlink_unicast at ffffffff85e551d6 #9 [ffffb5b9c134bc38] netlink_sendmsg at ffffffff85e554ef

25 Mar 2026, 11:16

Type	Values Removed	Values Added
New CVE

Information

Published : 2026-03-25 11:16

Updated : 2026-05-26 15:06

NVD link : CVE-2026-23296

Mitre link : CVE-2026-23296

CVE.ORG link : CVE-2026-23296

JSON object : View

Products Affected

linux

linux_kernel

CWE

NVD-CWE-Other

5.5 /10