In the Linux kernel, the following vulnerability has been resolved: null_blk: fix kmemleak by releasing references to fault configfs items When CONFIG_BLK_DEV_NULL_BLK_FAULT_INJECTION is enabled, the null-blk driver sets up fault injection support by creating the timeout_inject, requeue_inject, and init_hctx_fault_inject configfs items as children of the top-level nullbX configfs group. However, when the nullbX device is removed, the references taken to these fault-config configfs items are not released. As a result, kmemleak reports a memory leak, for example: unreferenced object 0xc00000021ff25c40 (size 32): comm "mkdir", pid 10665, jiffies 4322121578 hex dump (first 32 bytes): 69 6e 69 74 5f 68 63 74 78 5f 66 61 75 6c 74 5f init_hctx_fault_ 69 6e 6a 65 63 74 00 88 00 00 00 00 00 00 00 00 inject.......... backtrace (crc 1a018c86): __kmalloc_node_track_caller_noprof+0x494/0xbd8 kvasprintf+0x74/0xf4 config_item_set_name+0xf0/0x104 config_group_init_type_name+0x48/0xfc fault_config_init+0x48/0xf0 0xc0080000180559e4 configfs_mkdir+0x304/0x814 vfs_mkdir+0x49c/0x604 do_mkdirat+0x314/0x3d0 sys_mkdir+0xa0/0xd8 system_call_exception+0x1b0/0x4f0 system_call_vectored_common+0x15c/0x2ec Fix this by explicitly releasing the references to the fault-config configfs items when dropping the reference to the top-level nullbX configfs group.

The remote Oracle Linux 10 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-50144 advisory.

    - mm/page_alloc: prevent pcp corruption with SMP=n (Vlastimil Babka) [Orabug: 38914772] {CVE-2026-23025}
    - phy: rockchip: inno-usb2: Fix a double free bug in rockchip_usb2phy_probe() (Xu Wang) [Orabug: 38914781]     {CVE-2026-23030}
    - bpf: Reject narrower access to pointer ctx fields (Paul Chaignon) [Orabug: 38335080] {CVE-2025-38591}
    - mm/damon/sysfs-scheme: cleanup access_pattern subdirs on scheme dir setup failure (Seongjae Park)     [Orabug: 38970289] {CVE-2026-23142}
    - btrfs: fix deadlock in wait_current_trans() due to ignored transaction type (Robbie Ko) [Orabug:
    38930778] {CVE-2025-71194}
    - dmaengine: bcm-sba-raid: fix device leak on probe (Johan Hovold) [Orabug: 38914727] {CVE-2025-71190}
    - drm/panel-simple: fix connector type for DataImage SCF0700C48GGU18 panel (Marek Vasut) [Orabug:
    38930828] {CVE-2026-23049}
    - mm/damon/sysfs: cleanup attrs subdirs on context dir setup failure (Seongjae Park) [Orabug: 38970294]     {CVE-2026-23144}
    - ext4: fix iloc.bh leak in ext4_xattr_inode_update_ref (Yangerkun) [Orabug: 38970600] {CVE-2026-23145}
    - lib/buildid: use __kernel_read() for sleepable context (Shakeel Butt) [Orabug: 38887735]     {CVE-2026-23002}
    - net: can: j1939: j1939_xtp_rx_rts_session_active(): deactivate session upon receiving the second rts     (Tetsuo Handa) [Orabug: 38887709] {CVE-2026-22997}
    - can: gs_usb: gs_usb_receive_bulk_callback(): fix URB memory leak (Marc Kleine-Budde) [Orabug: 38914785]     {CVE-2026-23031}
    - null_blk: fix kmemleak by releasing references to fault configfs items (Nilay Shroff) [Orabug: 38914794]     {CVE-2026-23032}
    - bridge: mcast: Fix use-after-free during router port configuration (Ido Schimmel) [Orabug: 38175058]     {CVE-2025-38248}
    - net/sched: sch_qfq: do not free existing class in qfq_change_class() (Eric Dumazet) [Orabug: 38887717]     {CVE-2026-22999}
    - ipv6: Fix use-after-free in inet6_addr_del(). (Kuniyuki Iwashima) [Orabug: 38887755] {CVE-2026-23010}
    - net: hv_netvsc: reject RSS hash key programming without RX indirection table (Aditya Garg) [Orabug:
    38930846] {CVE-2026-23054}
    - net/mlx5e: Pass netdev to mlx5e_destroy_netdev instead of priv (Saeed Mahameed) [Orabug: 38914806]     {CVE-2026-23035}
    - net/mlx5e: Don't store mlx5e_priv in mlx5e_dev devlink priv (Saeed Mahameed) [Orabug: 38887705]     {CVE-2026-22996}
    - net/mlx5e: Fix crash on profile change rollback failure (Saeed Mahameed) [Orabug: 38887724]     {CVE-2026-23000}
    - ipv4: ip_gre: make ipgre_header() robust (Eric Dumazet) [Orabug: 38887757] {CVE-2026-23011}
    - macvlan: fix possible UAF in macvlan_forward_source() (Eric Dumazet) [Orabug: 38887729] {CVE-2026-23001}
    - ip6_tunnel: use skb_vlan_inet_prepare() in __ip6_tnl_rcv() (Eric Dumazet) [Orabug: 38887737]     {CVE-2026-23003}
    - btrfs: send: check for inline extents in range_is_hole_in_parent() (Qu Wenruo) [Orabug: 38970283]     {CVE-2026-23141}
    - nvme-tcp: fix NULL pointer dereferences in nvmet_tcp_build_pdu_iovec (Shivam Kumar) [Orabug: 38887713]     {CVE-2026-22998}
    - pnfs/flexfiles: Fix memory leak in nfs4_ff_alloc_deviceid_node() (Zilin Guan) [Orabug: 38914815]     {CVE-2026-23038}
    - NFS: Fix a deadlock involving nfs_release_folio() (Trond Myklebust) [Orabug: 38930844] {CVE-2026-23053}
    - pNFS: Fix a deadlock when returning a delegation during open() (Trond Myklebust) [Orabug: 38930834]     {CVE-2026-23050}
    - x86/fpu: Clear XSTATE_BV[i] in guest XSAVE state whenever XFD[i]=1 (Sean Christopherson) [Orabug:
    38887746] {CVE-2026-23005}
    - tpm2-sessions: Fix out of range indexing in name_size (Jarkko Sakkinen) [Orabug: 38847816]     {CVE-2025-68792}
    - can: j1939: make j1939_session_activate() fail if device is no longer registered (Tetsuo Handa) [Orabug:
    38914674] {CVE-2025-71182}
    - netfilter: nf_tables: avoid chain re-validation if possible (Florian Westphal) [Orabug: 38887632]     {CVE-2025-71160}
    - bpf: Fix reference count leak in bpf_prog_test_run_xdp() (Tetsuo Handa) [Orabug: 38887701]     {CVE-2026-22994}
    - bpf, test_run: Subtract size of xdp_frame from allowed metadata size (Toke Hoiland-Jorgensen) [Orabug:
    38970281] {CVE-2026-23140}
    - arp: do not assume dev_hard_header() does not change skb->head (Eric Dumazet) [Orabug: 38887789]     {CVE-2026-22988}
    - net: usb: pegasus: fix memory leak in update_eth_regs_async() (Petko Manolov) [Orabug: 38914760]     {CVE-2026-23021}
    - net/sched: sch_qfq: Fix NULL deref when deactivating inactive aggregate in qfq_reset (Xiang Mei)     [Orabug: 38872324] {CVE-2026-22976}
    - idpf: fix memory leak in idpf_vport_rel() (Emil Tantilov) [Orabug: 38914769] {CVE-2026-23023}
    - net: fix memory leak in skb_segment_list for GRO packets (Mohammad Heib) [Orabug: 38887655]     {CVE-2026-22979}
    - net: sock: fix hardened usercopy panic in sock_recv_errqueue (Weiming Shi) [Orabug: 38877945]     {CVE-2026-22977}
    - netfilter: nf_conncount: update last_gc only when GC has been performed (Fernando Fernandez Mancera)     [Orabug: 38970277] {CVE-2026-23139}
    - btrfs: fix NULL dereference on root when tracing inode eviction (Miquel Sabate Sola) [Orabug: 38914692]     {CVE-2025-71184}
    - libceph: make calc_target() set t->paused, not just clear it (Ilya Dryomov) [Orabug: 38930820]     {CVE-2026-23047}
    - libceph: reset sparse-read state in osd_fault() (Sam Edwards) [Orabug: 38970263] {CVE-2026-23136}
    - libceph: return the handler error from mon_handle_auth_done() (Ilya Dryomov) [Orabug: 38887696]     {CVE-2026-22992}
    - libceph: make free_choose_arg_map() resilient to partial allocation (Tuo Li) [Orabug: 38887690]     {CVE-2026-22991}
    - libceph: replace overzealous BUG_ON in osdmap_apply_incremental() (Ilya Dryomov) [Orabug: 38887684]     {CVE-2026-22990}
    - libceph: prevent potential out-of-bounds reads in handle_auth_done() (Ziming Zhang) [Orabug: 38887672]     {CVE-2026-22984}
    - wifi: avoid kernel-infoleak from struct iw_point (Eric Dumazet) [Orabug: 38887649] {CVE-2026-22978}
    - btrfs: always detect conflicting inodes when logging inode refs (Filipe Manana) [Orabug: 38914680]     {CVE-2025-71183}
    - net: 3com: 3c59x: fix possible null dereference in vortex_probe1() (Thomas Fourier) [Orabug: 38914754]     {CVE-2026-23020}
    - nfsd: check that server is running in unlock_filesystem (Olga Kornievskaia) [Orabug: 38887681]     {CVE-2026-22989}
    - nfsd: provide locking for v4_end_grace (Neil Brown) [Orabug: 38887658] {CVE-2026-22980}
    - net: Remove RTNL dance for SIOCBRADDIF and SIOCBRDELIF. (Thadeu Lima de Souza Cascardo) [Orabug:
    37844499] {CVE-2025-22111}
    - wifi: mac80211: Discard Beacon frames to non-broadcast address (Jouni Malinen) [Orabug: 38852360]     {CVE-2025-71127}
    - mptcp: ensure context reset on disconnect() (Paolo Abeni) [Orabug: 38852416] {CVE-2025-71144}
    - mm/page_alloc: change all pageblocks migrate type on coalescing (Alexander Gordeev) [Orabug: 38852382]     {CVE-2025-71134}

Tenable has extracted the preceding description block directly from the Oracle Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1455 advisory.

    In the Linux kernel, the following vulnerability has been resolved:

    bpf: Reject narrower access to pointer ctx fields (CVE-2025-38591)

    In the Linux kernel, the following vulnerability has been resolved:

    sched_ext: Fix possible deadlock in the deferred_irq_workfn() (CVE-2025-68333)

    In the Linux kernel, the following vulnerability has been resolved:

    exfat: fix refcount leak in exfat_find (CVE-2025-68351)

    In the Linux kernel, the following vulnerability has been resolved:

    btrfs: fix racy bitfield write in btrfs_clear_space_info_full() (CVE-2025-68358)

    In the Linux kernel, the following vulnerability has been resolved:

    fs/ntfs3: Initialize allocated memory before use (CVE-2025-68365)

    In the Linux kernel, the following vulnerability has been resolved:

    bpf: Do not let BPF test infra emit invalid GSO types to stack (CVE-2025-68725)

    In the Linux kernel, the following vulnerability has been resolved:

    btrfs: fix deadlock in wait_current_trans() due to ignored transaction type (CVE-2025-71194)

    In the Linux kernel, the following vulnerability has been resolved:

    net/mlx5e: Don't store mlx5e_priv in mlx5e_dev devlink priv (CVE-2026-22996)

    In the Linux kernel, the following vulnerability has been resolved:

    net/sched: sch_qfq: do not free existing class in qfq_change_class() (CVE-2026-22999)

    In the Linux kernel, the following vulnerability has been resolved:

    net/mlx5e: Fix crash on profile change rollback failure (CVE-2026-23000)

    In the Linux kernel, the following vulnerability has been resolved:

    macvlan: fix possible UAF in macvlan_forward_source() (CVE-2026-23001)

    In the Linux kernel, the following vulnerability has been resolved:

    lib/buildid: use __kernel_read() for sleepable context (CVE-2026-23002)

    In the Linux kernel, the following vulnerability has been resolved:

    ip6_tunnel: use skb_vlan_inet_prepare() in __ip6_tnl_rcv() (CVE-2026-23003)

    In the Linux kernel, the following vulnerability has been resolved:

    x86/fpu: Clear XSTATE_BV[i] in guest XSAVE state whenever XFD[i]=1 (CVE-2026-23005)

    In the Linux kernel, the following vulnerability has been resolved:

    ipv6: Fix use-after-free in inet6_addr_del(). (CVE-2026-23010)

    In the Linux kernel, the following vulnerability has been resolved:

    ipv4: ip_gre: make ipgre_header() robust (CVE-2026-23011)

    In the Linux kernel, the following vulnerability has been resolved:

    mm/page_alloc: prevent pcp corruption with SMP=n (CVE-2026-23025)

    In the Linux kernel, the following vulnerability has been resolved:

    null_blk: fix kmemleak by releasing references to fault configfs items (CVE-2026-23032)

    In the Linux kernel, the following vulnerability has been resolved:

    net/mlx5e: Pass netdev to mlx5e_destroy_netdev instead of priv (CVE-2026-23035)

    In the Linux kernel, the following vulnerability has been resolved:

    pnfs/flexfiles: Fix memory leak in nfs4_ff_alloc_deviceid_node() (CVE-2026-23038)

    In the Linux kernel, the following vulnerability has been resolved:

    pNFS: Fix a deadlock when returning a delegation during open() (CVE-2026-23050)

    In the Linux kernel, the following vulnerability has been resolved:

    NFS: Fix a deadlock involving nfs_release_folio() (CVE-2026-23053)

    In the Linux kernel, the following vulnerability has been resolved:

    net: hv_netvsc: reject RSS hash key programming without RX indirection table (CVE-2026-23054)

    In the Linux kernel, the following vulnerability has been resolved:

    vsock/virtio: Coalesce only linear skb (CVE-2026-23057)

    In the Linux kernel, the following vulnerability has been resolved:

    crypto: authencesn - reject too-short AAD (assoclen<8) to match ESP/ESN spec (CVE-2026-23060)

    In the Linux kernel, the following vulnerability has been resolved:

    vsock/virtio: fix potential underflow in virtio_transport_get_credit() (CVE-2026-23069)

    In the Linux kernel, the following vulnerability has been resolved:

    regmap: Fix race condition in hwspinlock irqsave routine (CVE-2026-23071)

    In the Linux kernel, the following vulnerability has been resolved:

    net/sched: Enforce that teql can only be used as root qdisc (CVE-2026-23074)

    In the Linux kernel, the following vulnerability has been resolved:

    fou: Don't allow 0 for FOU_ATTR_IPPROTO. (CVE-2026-23083)

    In the Linux kernel, the following vulnerability has been resolved:

    irqchip/gic-v3-its: Avoid truncating memory addresses (CVE-2026-23085)

    In the Linux kernel, the following vulnerability has been resolved:

    vsock/virtio: cap TX credit to local buffer size (CVE-2026-23086)

    In the Linux kernel, the following vulnerability has been resolved:

    gue: Fix skb memleak with inner IP protocol 0. (CVE-2026-23095)

    In the Linux kernel, the following vulnerability has been resolved:

    migrate: correct lock ordering for hugetlb file folios (CVE-2026-23097)

    In the Linux kernel, the following vulnerability has been resolved:

    bonding: limit BOND_MODE_8023AD to Ethernet devices (CVE-2026-23099)

    In the Linux kernel, the following vulnerability has been resolved:

    ipvlan: Make the addrs_lock be per port (CVE-2026-23103)

    In the Linux kernel, the following vulnerability has been resolved:

    net/sched: qfq: Use cl_is_active to determine whether class is active in qfq_rm_from_ag (CVE-2026-23105)

    In the Linux kernel, the following vulnerability has been resolved:

    arm64/fpsimd: signal: Allocate SSVE storage when restoring ZA (CVE-2026-23107)

    In the Linux kernel, the following vulnerability has been resolved:

    scsi: core: Wake up the error handler when final completions race against each other (CVE-2026-23110)

    In the Linux kernel, the following vulnerability has been resolved:

    io_uring/io-wq: check IO_WQ_BIT_EXIT inside work run loop (CVE-2026-23113)

    In the Linux kernel, the following vulnerability has been resolved:

    bonding: provide a net pointer to __skb_flow_dissect() (CVE-2026-23119)

    In the Linux kernel, the following vulnerability has been resolved:

    ipv6: annotate data-race in ndisc_router_discovery() (CVE-2026-23124)

    In the Linux kernel, the following vulnerability has been resolved:

    sctp: move SCTP_CMD_ASSOC_SHKEY right after SCTP_CMD_PEER_INIT (CVE-2026-23125)

    In the Linux kernel, the following vulnerability has been resolved:

    netdevsim: fix a race issue related to the operation on bpf_bound_progs list (CVE-2026-23126)

    In the Linux kernel, the following vulnerability has been resolved:

    arm64: Set __nocfi on swsusp_arch_resume() (CVE-2026-23128)

    In the Linux kernel, the following vulnerability has been resolved:

    btrfs: send: check for inline extents in range_is_hole_in_parent() (CVE-2026-23141)

    In the Linux kernel, the following vulnerability has been resolved:

    mm/damon/sysfs-scheme: cleanup access_pattern subdirs on scheme dir setup failure (CVE-2026-23142)

    In the Linux kernel, the following vulnerability has been resolved:

    mm/damon/sysfs: cleanup attrs subdirs on context dir setup failure (CVE-2026-23144)

    In the Linux kernel, the following vulnerability has been resolved:

    ext4: fix iloc.bh leak in ext4_xattr_inode_update_ref (CVE-2026-23145)

Tenable has extracted the preceding description block directly from the tested product security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Debian 13 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-6126 advisory.

    - -------------------------------------------------------------------------     Debian Security Advisory DSA-6126-1                   security@debian.org     https://www.debian.org/security/                     Salvatore Bonaccorso     February 09, 2026                     https://www.debian.org/security/faq
    - -------------------------------------------------------------------------

    Package        : linux     CVE ID         : CVE-2024-58096 CVE-2024-58097 CVE-2025-22111 CVE-2025-38234                      CVE-2025-38248 CVE-2025-38591 CVE-2025-39872 CVE-2025-40149                      CVE-2025-40164 CVE-2025-40170 CVE-2025-40276 CVE-2025-40325                      CVE-2025-68206 CVE-2025-68333 CVE-2025-68345 CVE-2025-68351                      CVE-2025-68357 CVE-2025-68358 CVE-2025-68365 CVE-2025-68725                      CVE-2025-68749 CVE-2025-68767 CVE-2025-68769 CVE-2025-68770                      CVE-2025-68771 CVE-2025-68772 CVE-2025-68773 CVE-2025-68774                      CVE-2025-68775 CVE-2025-68776 CVE-2025-68777 CVE-2025-68778                      CVE-2025-68780 CVE-2025-68781 CVE-2025-68782 CVE-2025-68783                      CVE-2025-68784 CVE-2025-68785 CVE-2025-68786 CVE-2025-68787                      CVE-2025-68788 CVE-2025-68789 CVE-2025-68792 CVE-2025-68794                      CVE-2025-68795 CVE-2025-68796 CVE-2025-68797 CVE-2025-68798                      CVE-2025-68799 CVE-2025-68800 CVE-2025-68801 CVE-2025-68802                      CVE-2025-68803 CVE-2025-68804 CVE-2025-68806 CVE-2025-68808                      CVE-2025-68809 CVE-2025-68810 CVE-2025-68811 CVE-2025-68813                      CVE-2025-68814 CVE-2025-68815 CVE-2025-68816 CVE-2025-68817                      CVE-2025-68818 CVE-2025-68819 CVE-2025-68820 CVE-2025-68821                      CVE-2025-68822 CVE-2025-71064 CVE-2025-71065 CVE-2025-71066                      CVE-2025-71067 CVE-2025-71068 CVE-2025-71069 CVE-2025-71071                      CVE-2025-71072 CVE-2025-71073 CVE-2025-71075 CVE-2025-71076                      CVE-2025-71077 CVE-2025-71078 CVE-2025-71079 CVE-2025-71080                      CVE-2025-71081 CVE-2025-71082 CVE-2025-71083 CVE-2025-71084                      CVE-2025-71085 CVE-2025-71086 CVE-2025-71087 CVE-2025-71088                      CVE-2025-71089 CVE-2025-71091 CVE-2025-71093 CVE-2025-71094                      CVE-2025-71095 CVE-2025-71096 CVE-2025-71097 CVE-2025-71098                      CVE-2025-71099 CVE-2025-71100 CVE-2025-71101 CVE-2025-71102                      CVE-2025-71104 CVE-2025-71105 CVE-2025-71107 CVE-2025-71108                      CVE-2025-71109 CVE-2025-71111 CVE-2025-71112 CVE-2025-71113                      CVE-2025-71114 CVE-2025-71116 CVE-2025-71118 CVE-2025-71119                      CVE-2025-71120 CVE-2025-71121 CVE-2025-71122 CVE-2025-71123                      CVE-2025-71125 CVE-2025-71126 CVE-2025-71127 CVE-2025-71129                      CVE-2025-71130 CVE-2025-71131 CVE-2025-71132 CVE-2025-71133                      CVE-2025-71134 CVE-2025-71135 CVE-2025-71136 CVE-2025-71137                      CVE-2025-71138 CVE-2025-71140 CVE-2025-71143 CVE-2025-71144                      CVE-2025-71146 CVE-2025-71147 CVE-2025-71148 CVE-2025-71149                      CVE-2025-71150 CVE-2025-71151 CVE-2025-71153 CVE-2025-71154                      CVE-2025-71156 CVE-2025-71157 CVE-2025-71160 CVE-2025-71162                      CVE-2025-71163 CVE-2025-71180 CVE-2025-71182 CVE-2025-71183                      CVE-2025-71184 CVE-2025-71185 CVE-2025-71186 CVE-2025-71189                      CVE-2025-71190 CVE-2025-71191 CVE-2025-71192 CVE-2025-71193                      CVE-2025-71194 CVE-2025-71195 CVE-2025-71196 CVE-2025-71197                      CVE-2025-71198 CVE-2025-71199 CVE-2026-22976 CVE-2026-22977                      CVE-2026-22978 CVE-2026-22979 CVE-2026-22980 CVE-2026-22982                      CVE-2026-22984 CVE-2026-22989 CVE-2026-22990 CVE-2026-22991                      CVE-2026-22992 CVE-2026-22994 CVE-2026-22996 CVE-2026-22997                      CVE-2026-22998 CVE-2026-22999 CVE-2026-23000 CVE-2026-23001                      CVE-2026-23002 CVE-2026-23003 CVE-2026-23005 CVE-2026-23006                      CVE-2026-23010 CVE-2026-23011 CVE-2026-23013 CVE-2026-23019                      CVE-2026-23020 CVE-2026-23021 CVE-2026-23023 CVE-2026-23025                      CVE-2026-23026 CVE-2026-23030 CVE-2026-23031 CVE-2026-23032                      CVE-2026-23033 CVE-2026-23035 CVE-2026-23037 CVE-2026-23038                      CVE-2026-23047 CVE-2026-23049 CVE-2026-23050 CVE-2026-23053                      CVE-2026-23054 CVE-2026-23055 CVE-2026-23056 CVE-2026-23057                      CVE-2026-23058 CVE-2026-23059 CVE-2026-23060 CVE-2026-23061                      CVE-2026-23062 CVE-2026-23063 CVE-2026-23064 CVE-2026-23065                      CVE-2026-23068 CVE-2026-23069 CVE-2026-23071 CVE-2026-23072                      CVE-2026-23073 CVE-2026-23074 CVE-2026-23075 CVE-2026-23076                      CVE-2026-23078 CVE-2026-23080 CVE-2026-23083 CVE-2026-23084                      CVE-2026-23085 CVE-2026-23086 CVE-2026-23087 CVE-2026-23088                      CVE-2026-23089 CVE-2026-23090 CVE-2026-23091 CVE-2026-23093                      CVE-2026-23094 CVE-2026-23095 CVE-2026-23096 CVE-2026-23097                      CVE-2026-23098 CVE-2026-23099 CVE-2026-23101 CVE-2026-23103                      CVE-2026-23105 CVE-2026-23107 CVE-2026-23108 CVE-2026-23110

    Several vulnerabilities have been discovered in the Linux kernel that     may lead to a privilege escalation, denial of service or information     leaks.

    For the stable distribution (trixie), these problems have been fixed in     version 6.12.69-1.

    We recommend that you upgrade your linux packages.

    For the detailed security status of linux please refer to its security     tracker page at:
    https://security-tracker.debian.org/tracker/linux

    Further information about Debian Security Advisories, how to apply     these updates to your system and frequently asked questions can be     found at: https://www.debian.org/security/

    Mailing list: debian-security-announce@lists.debian.org

Tenable has extracted the preceding description block directly from the Debian security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

  - null_blk: fix kmemleak by releasing references to fault configfs items When     CONFIG_BLK_DEV_NULL_BLK_FAULT_INJECTION is enabled, the null-blk driver sets up fault injection support by     creating the timeout_inject, requeue_inject, and init_hctx_fault_inject configfs items as children of the     top-level nullbX configfs group. However, when the nullbX device is removed, the references taken to these     fault-config configfs items are not released. As a result, kmemleak reports a memory leak, for example:
    unreferenced object 0xc00000021ff25c40 (size 32): comm mkdir, pid 10665, jiffies 4322121578 hex dump     (first 32 bytes): 69 6e 69 74 5f 68 63 74 78 5f 66 61 75 6c 74 5f init_hctx_fault_ 69 6e 6a 65 63 74 00 88     00 00 00 00 00 00 00 00 inject.......... backtrace (crc 1a018c86):
    __kmalloc_node_track_caller_noprof+0x494/0xbd8 kvasprintf+0x74/0xf4 config_item_set_name+0xf0/0x104     config_group_init_type_name+0x48/0xfc fault_config_init+0x48/0xf0 0xc0080000180559e4     configfs_mkdir+0x304/0x814 vfs_mkdir+0x49c/0x604 do_mkdirat+0x314/0x3d0 sys_mkdir+0xa0/0xd8     system_call_exception+0x1b0/0x4f0 system_call_vectored_common+0x15c/0x2ec Fix this by explicitly releasing     the references to the fault-config configfs items when dropping the reference to the top-level nullbX     configfs group. (CVE-2026-23032)

Note that Nessus relies on the presence of the package as reported by the vendor.

ID	Name	Product	Family	Severity
301875	Oracle Linux 10 / 9 : Unbreakable Enterprise kernel (ELSA-2026-50144)	Nessus	Oracle Linux Local Security Checks	high
301337	Amazon Linux 2023 : bpftool6.12, kernel6.12, kernel6.12-devel (ALAS2023-2026-1455)	Nessus	Amazon Linux Local Security Checks	high
298403	Debian dsa-6126 : ata-modules-6.12.31-armmp-di - security update	Nessus	Debian Local Security Checks	high
297454	Linux Distros Unpatched Vulnerability : CVE-2026-23032	Nessus	Misc.	medium

Detections

Analytics

CVE-2026-23032

high

Tenable Plugins

high

high

high

medium