目标达成 感谢每一位支持者 — 我们达成了 100% 目标!

目标: 1000 元 · 已筹: 1336

100%

CVE-2026-23214— Linux kernel 安全漏洞

AI 预测 3.3 利用难度: 极易 EPSS 0.11% · P2

影响版本矩阵 8

厂商产品版本范围状态
LinuxLinux42437a6386ffeaaf200731e73d723ea491f3fe7d< a928eecf030a9a5dc5f5ca98332699f379b91963affected
42437a6386ffeaaf200731e73d723ea491f3fe7d< 3228b2eceb6c3d7e237f8a5330113dbd164fb90daffected
42437a6386ffeaaf200731e73d723ea491f3fe7d< 1972f44c189c8aacde308fa9284e474c1a5cbd9faffected
5.11affected
< 5.11unaffected
6.12.70≤ 6.12.*unaffected
6.18.10≤ 6.18.*unaffected
6.19≤ *unaffected
获取后续新漏洞提醒登录后订阅

一、 漏洞 CVE-2026-23214 基础信息

漏洞信息

对漏洞内容有疑问?看看神龙的深度分析是否有帮助!
查看神龙十问 ↗

尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。

Vulnerability Title
btrfs: reject new transactions if the fs is fully read-only
来源: 美国国家漏洞数据库 NVD
Vulnerability Description
In the Linux kernel, the following vulnerability has been resolved: btrfs: reject new transactions if the fs is fully read-only [BUG] There is a bug report where a heavily fuzzed fs is mounted with all rescue mount options, which leads to the following warnings during unmount: BTRFS: Transaction aborted (error -22) Modules linked in: CPU: 0 UID: 0 PID: 9758 Comm: repro.out Not tainted 6.19.0-rc5-00002-gb71e635feefc #7 PREEMPT(full) Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.15.0-1 04/01/2014 RIP: 0010:find_free_extent_update_loop fs/btrfs/extent-tree.c:4208 [inline] RIP: 0010:find_free_extent+0x52f0/0x5d20 fs/btrfs/extent-tree.c:4611 Call Trace: <TASK> btrfs_reserve_extent+0x2cd/0x790 fs/btrfs/extent-tree.c:4705 btrfs_alloc_tree_block+0x1e1/0x10e0 fs/btrfs/extent-tree.c:5157 btrfs_force_cow_block+0x578/0x2410 fs/btrfs/ctree.c:517 btrfs_cow_block+0x3c4/0xa80 fs/btrfs/ctree.c:708 btrfs_search_slot+0xcad/0x2b50 fs/btrfs/ctree.c:2130 btrfs_truncate_inode_items+0x45d/0x2350 fs/btrfs/inode-item.c:499 btrfs_evict_inode+0x923/0xe70 fs/btrfs/inode.c:5628 evict+0x5f4/0xae0 fs/inode.c:837 __dentry_kill+0x209/0x660 fs/dcache.c:670 finish_dput+0xc9/0x480 fs/dcache.c:879 shrink_dcache_for_umount+0xa0/0x170 fs/dcache.c:1661 generic_shutdown_super+0x67/0x2c0 fs/super.c:621 kill_anon_super+0x3b/0x70 fs/super.c:1289 btrfs_kill_super+0x41/0x50 fs/btrfs/super.c:2127 deactivate_locked_super+0xbc/0x130 fs/super.c:474 cleanup_mnt+0x425/0x4c0 fs/namespace.c:1318 task_work_run+0x1d4/0x260 kernel/task_work.c:233 exit_task_work include/linux/task_work.h:40 [inline] do_exit+0x694/0x22f0 kernel/exit.c:971 do_group_exit+0x21c/0x2d0 kernel/exit.c:1112 __do_sys_exit_group kernel/exit.c:1123 [inline] __se_sys_exit_group kernel/exit.c:1121 [inline] __x64_sys_exit_group+0x3f/0x40 kernel/exit.c:1121 x64_sys_call+0x2210/0x2210 arch/x86/include/generated/asm/syscalls_64.h:232 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline] do_syscall_64+0xe8/0xf80 arch/x86/entry/syscall_64.c:94 entry_SYSCALL_64_after_hwframe+0x77/0x7f RIP: 0033:0x44f639 Code: Unable to access opcode bytes at 0x44f60f. RSP: 002b:00007ffc15c4e088 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 RAX: ffffffffffffffda RBX: 00000000004c32f0 RCX: 000000000044f639 RDX: 000000000000003c RSI: 00000000000000e7 RDI: 0000000000000001 RBP: 0000000000000001 R08: ffffffffffffffc0 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 00000000004c32f0 R13: 0000000000000001 R14: 0000000000000000 R15: 0000000000000001 </TASK> Since rescue mount options will mark the full fs read-only, there should be no new transaction triggered. But during unmount we will evict all inodes, which can trigger a new transaction, and triggers warnings on a heavily corrupted fs. [CAUSE] Btrfs allows new transaction even on a read-only fs, this is to allow log replay happen even on read-only mounts, just like what ext4/xfs do. However with rescue mount options, the fs is fully read-only and cannot be remounted read-write, thus in that case we should also reject any new transactions. [FIX] If we find the fs has rescue mount options, we should treat the fs as error, so that no new transaction can be started.
来源: 美国国家漏洞数据库 NVD
CVSS Information
N/A
来源: 美国国家漏洞数据库 NVD
Vulnerability Type
N/A
来源: 美国国家漏洞数据库 NVD
Vulnerability Title
Linux kernel 安全漏洞
来源: 中国国家信息安全漏洞库 CNNVD
Vulnerability Description
Linux kernel是美国Linux基金会的开源操作系统Linux所使用的内核。 Linux kernel存在安全漏洞,该漏洞源于在文件系统完全只读时未拒绝新事务,可能导致事务中止。
来源: 中国国家信息安全漏洞库 CNNVD
CVSS Information
N/A
来源: 中国国家信息安全漏洞库 CNNVD
Vulnerability Type
N/A
来源: 中国国家信息安全漏洞库 CNNVD

受影响产品

厂商产品影响版本CPE订阅
LinuxLinux 42437a6386ffeaaf200731e73d723ea491f3fe7d ~ a928eecf030a9a5dc5f5ca98332699f379b91963 -
LinuxLinux 5.11 -

二、漏洞 CVE-2026-23214 的公开POC

#POC 描述源链接神龙链接
AI 生成 POC高级

未找到公开 POC。

登录以生成 AI POC

三、漏洞 CVE-2026-23214 的情报信息

登录查看更多情报信息。

同批安全公告 · Linux · 2026-02-18 · 共 31 条

CVE-2026-232308.8 HIGHLinux kernel 安全漏洞
CVE-2026-232268.8 HIGHLinux kernel 安全漏洞
CVE-2026-232277.8 HIGHLinux kernel 安全漏洞
CVE-2026-232257.8 HIGHLinux kernel 安全漏洞
CVE-2026-232247.8 HIGHLinux kernel 安全漏洞
CVE-2026-232227.8 HIGHLinux kernel 安全漏洞
CVE-2025-71234Linux kernel 安全漏洞
CVE-2026-23229Linux kernel 安全漏洞
CVE-2026-23228Linux kernel 安全漏洞
CVE-2026-23223Linux kernel 安全漏洞
CVE-2026-23221Linux kernel 安全漏洞
CVE-2026-23220Linux kernel 安全漏洞
CVE-2025-71237Linux kernel 安全漏洞
CVE-2025-71236Linux kernel 安全漏洞
CVE-2025-71235Linux kernel 安全漏洞
CVE-2026-23211Linux kernel 安全漏洞
CVE-2025-71233Linux kernel 安全漏洞
CVE-2025-71232Linux kernel 安全漏洞
CVE-2025-71231Linux kernel 安全漏洞
CVE-2025-71230Linux kernel 安全漏洞

显示前 20 条,共 31 条。 查看全部 &rarr; →

IV. Related Vulnerabilities

V. Comments for CVE-2026-23214

暂无评论


发表评论