CVE-2026-23162

🗓️ 14 Feb 2026 16:15:00Reported by ubuntu.comType

ubuntucve

ubuntucve🔗 ubuntu.com👁 5 Views

Fixed double free in xe nvm auxiliary device when add fails by moving kfree to initialization path.

Reporter	Title	Published	Views	Family All 16
ATTACKERKB	CVE-2026-23162	14 Feb 202616:01	–	attackerkb
AstraLinux	Astra Linux – Vulnerability in Linux 5.10	19 Jun 202611:10	–	astralinux
CNNVD	Linux kernel 安全漏洞	14 Feb 202600:00	–	cnnvd
CVE	CVE-2026-23162	14 Feb 202616:01	–	cve
Cvelist	CVE-2026-23162 drm/xe/nvm: Fix double-free on aux add failure	14 Feb 202616:01	–	cvelist
Debian CVE	CVE-2026-23162	14 Feb 202616:01	–	debiancve
EUVD	EUVD-2026-5874	14 Feb 202616:01	–	euvd
NVD	CVE-2026-23162	14 Feb 202616:15	–	nvd
OSV	BELL-CVE-2026-23162	19 Feb 202606:09	–	osv
OSV	CVE-2026-23162 drm/xe/nvm: Fix double-free on aux add failure	14 Feb 202616:01	–	osv

OS	OS Version	Architecture	Package	Package Version	Filename
Ubuntu	25.10	any	linux	0	linux_0_any.deb
Ubuntu	25.10	any	linux-aws	0	linux-aws_0_any.deb
Ubuntu	25.10	any	linux-azure	0	linux-azure_0_any.deb
Ubuntu	25.10	any	linux-azure-fde	0	linux-azure-fde_0_any.deb
Ubuntu	25.10	any	linux-gcp	0	linux-gcp_0_any.deb
Ubuntu	25.10	any	linux-oracle	0	linux-oracle_0_any.deb
Ubuntu	24.04	any	linux-oem-6.17	0	linux-oem-6.17_0_any.deb
Ubuntu	25.10	any	linux-raspi	0	linux-raspi_0_any.deb
Ubuntu	25.10	any	linux-realtime	0	linux-realtime_0_any.deb
Ubuntu	25.10	any	linux-riscv	0	linux-riscv_0_any.deb

Source	Link
cve	www.cve.org/CVERecord
git	www.git.kernel.org/linus/8a44241b0b83a6047c5448da1fff03fcc29496b5%20(6.19-rc8)
git	www.git.kernel.org/stable/c/32887d8e4bc0696b3cb6c5915a42b39cfd3434f4
git	www.git.kernel.org/stable/c/8a44241b0b83a6047c5448da1fff03fcc29496b5

23 May 2026 09:37Current

5.7Medium risk

Vulners AI Score5.7

CVSS 3.17.8

EPSS0.00113

kernel double free xe nvm auxiliary device initialization path