CVE-2026-23141
MEDIUMLinux Kernel - Denial of Service via Btrfs Send Inline Extent Handling
Title source: llmDescription
In the Linux kernel, the following vulnerability has been resolved: btrfs: send: check for inline extents in range_is_hole_in_parent() Before accessing the disk_bytenr field of a file extent item we need to check if we are dealing with an inline extent. This is because for inline extents their data starts at the offset of the disk_bytenr field. So accessing the disk_bytenr means we are accessing inline data or in case the inline data is less than 8 bytes we can actually cause an invalid memory access if this inline extent item is the first item in the leaf or access metadata from other items.
References (6)
Core 6
Core References
Scores
CVSS v3
5.5
EPSS
0.0012
EPSS Percentile
2.4%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Details
Status
published
Products (22)
linux/Kernel
4.11.0 - 5.15.209linux
linux/Kernel
4.11.0 - 6.6.122linux
linux/Kernel
5.16.0 - 6.1.167linux
linux/Kernel
6.13.0 - 6.18.7linux
linux/Kernel
6.2.0 - 6.6.122linux
linux/Kernel
6.7.0 - 6.12.67linux
Linux/Linux
< 4.11
Linux/Linux
4.11
Linux/Linux
5.15.209 - 5.15.*
Linux/Linux
6.1.167 - 6.1.*
... and 12 more
Published
Feb 14, 2026
Tracked Since
Feb 18, 2026