What is CVE-2026-23211?

CVE-2026-23211 is a Medium severity Linux kernel vulnerability with a CVSS score of 5.5 out of 10, affecting Linux kernel versions from 6.18 onward and patched in 6.18.9 and 6.19. CVE-2026-23211 has not been confirmed as actively exploited and is not listed in the CISA KEV catalog.

What is the CVSS score for CVE-2026-23211?

CVE-2026-23211 has a CVSS score of 5.5 out of 10, rated Medium severity. The vector string is CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H.

Is there a patch available for CVE-2026-23211?

Yes, CVE-2026-23211 has been patched. Fixed versions include 6.18.9 and 6.19. If you are running Linux kernel 6.18 or later up to the fix versions, apply the relevant patch for your kernel branch.

Is CVE-2026-23211 actively exploited?

CVE-2026-23211 has not been confirmed as actively exploited and is not listed in the CISA KEV catalog.

CVE-2026-23211

Medium

In the Linux kernel, the following vulnerability has been resolved: mm, swap: restore swap_space attr aviod kernel panic commit 8b47299a411a ("mm, swap: mark swap address space ro and add context debug check") made the swap address space read-only. It may lead to kernel panic if arch_prepare_to_swap returns a failure under heavy memory pressure as follows, el1_abort+0x40/0x64 el1h_64_sync_handler+0x48/0xcc el1h_64_sync+0x84/0x88 errseq_set+0x4c/0xb8 (P) __filemap_set_wb_err+0x20/0xd0 shrink_folio_list+0xc20/0x11cc evict_folios+0x1520/0x1be4 try_to_shrink_lruvec+0x27c/0x3dc shrink_one+0x9c/0x228 shrink_node+0xb3c/0xeac do_try_to_free_pages+0x170/0x4f0 try_to_free_pages+0x334/0x534 __alloc_pages_direct_reclaim+0x90/0x158 __alloc_pages_slowpath+0x334/0x588 __alloc_frozen_pages_noprof+0x224/0x2fc __folio_alloc_noprof+0x14/0x64 vma_alloc_zeroed_movable_folio+0x34/0x44 do_pte_missing+0xad4/0x1040 handle_mm_fault+0x4a4/0x790 do_page_fault+0x288/0x5f8 do_translation_fault+0x38/0x54 do_mem_abort+0x54/0xa8 Restore swap address space as not ro to avoid the panic.

Package Linux Kernel

Published 2026-02-18

Last modified 2026-03-18

CVSS version 3.1

Patch available

Yes

CVSS 3.1 score

5.5

out of 10

Medium

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

Low

Integrity

None

Availability

High

Vector string

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Affected versions

Linux kernel versions 6.18 and later are affected. Fixed in 6.18.9, 6.19 and their respective stable series.

Affected from

≥ 6.18

Fixed in

✓ 6.18.9 6.18.x ✓ 6.19

References

The following references provide additional information about CVE-2026-23211 including vendor advisories, patch commits, exploit details, and third-party analysis. Links are sourced from the NIST NVD database.

Kernel patch commit
https://git.kernel.org/stable/c/a0f3c0845a4ff68d403c568266d17e9cc553e561
Patch
Kernel patch commit
https://git.kernel.org/stable/c/b0020cbd26380177b9fb8b7e75a8f7bdba79db20
Patch

Details

CVE ID CVE-2026-23211

Severity Medium

CVSS score 5.5 / 10

CVSS version 3.1

Published 2026-02-18

Modified 2026-03-18

KEV No

Patch

Yes

Package linux

Frequently asked questions

What is CVE-2026-23211?

CVE-2026-23211 is a Medium severity Linux kernel vulnerability with a CVSS score of 5.5 out of 10 . It affects Linux kernel versions from 6.18 onward and has been patched in 6.18.9 and 6.19. CVE-2026-23211 has not been confirmed as actively exploited and is not listed in the CISA KEV catalog.
What is the CVSS score for CVE-2026-23211?

CVE-2026-23211 has a CVSS score of 5.5 out of 10, rated Medium severity (CVSS 3.1). The vector string is CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H.
Is there a patch available for CVE-2026-23211?

Yes — CVE-2026-23211 has been patched. Fixed versions include 6.18.9 and 6.19. If you are running Linux kernel 6.18 or later up to the fix versions, apply the relevant patch for your kernel branch.
Is CVE-2026-23211 actively exploited?

No — CVE-2026-23211 has not been confirmed as actively exploited. It is not listed in the CISA Known Exploited Vulnerabilities (KEV) catalog.