{
  "public_date" : "2026-03-18T00:00:00Z",
  "bugzilla" : {
    "description" : "kernel: f2fs: fix to do sanity check on node footer in {read,write}_end_io",
    "id" : "2448709",
    "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2448709"
  },
  "details" : [ "In the Linux kernel, the following vulnerability has been resolved:\nf2fs: fix to do sanity check on node footer in {read,write}_end_io\n-----------[ cut here ]------------\nkernel BUG at fs/f2fs/data.c:358!\nCall Trace:\n<IRQ>\nblk_update_request+0x5eb/0xe70 block/blk-mq.c:987\nblk_mq_end_request+0x3e/0x70 block/blk-mq.c:1149\nblk_complete_reqs block/blk-mq.c:1224 [inline]\nblk_done_softirq+0x107/0x160 block/blk-mq.c:1229\nhandle_softirqs+0x283/0x870 kernel/softirq.c:579\n__do_softirq kernel/softirq.c:613 [inline]\ninvoke_softirq kernel/softirq.c:453 [inline]\n__irq_exit_rcu+0xca/0x1f0 kernel/softirq.c:680\nirq_exit_rcu+0x9/0x30 kernel/softirq.c:696\ninstr_sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1050 [inline]\nsysvec_apic_timer_interrupt+0xa6/0xc0 arch/x86/kernel/apic/apic.c:1050\n</IRQ>\nIn f2fs_write_end_io(), it detects there is inconsistency in between\nnode page index (nid) and footer.nid of node page.\nIf footer of node page is corrupted in fuzzed image, then we load corrupted\nnode page w/ async method, e.g. f2fs_ra_node_pages() or f2fs_ra_node_page(),\nin where we won't do sanity check on node footer, once node page becomes\ndirty, we will encounter this bug after node page writeback." ],
  "package_state" : [ {
    "product_name" : "Red Hat Enterprise Linux 10",
    "fix_state" : "Not affected",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:enterprise_linux:10"
  }, {
    "product_name" : "Red Hat Enterprise Linux 6",
    "fix_state" : "Not affected",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:enterprise_linux:6"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7",
    "fix_state" : "Not affected",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7",
    "fix_state" : "Not affected",
    "package_name" : "kernel-rt",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8",
    "fix_state" : "Not affected",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:enterprise_linux:8"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8",
    "fix_state" : "Not affected",
    "package_name" : "kernel-rt",
    "cpe" : "cpe:/o:redhat:enterprise_linux:8"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9",
    "fix_state" : "Not affected",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:enterprise_linux:9"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9",
    "fix_state" : "Not affected",
    "package_name" : "kernel-rt",
    "cpe" : "cpe:/o:redhat:enterprise_linux:9"
  } ],
  "references" : [ "https://www.cve.org/CVERecord?id=CVE-2026-23265\nhttps://nvd.nist.gov/vuln/detail/CVE-2026-23265\nhttps://lore.kernel.org/linux-cve-announce/2026031853-CVE-2026-23265-6d01@gregkh/T" ],
  "name" : "CVE-2026-23265",
  "csaw" : false
}