CVE-2026-23153

UNKNOWN 0.0

firewire: core: fix race condition against transaction list

CVSS Score

0.0

EPSS Score

0.0%

EPSS Percentile

0th

In the Linux kernel, the following vulnerability has been resolved: firewire: core: fix race condition against transaction list The list of transaction is enumerated without acquiring card lock when processing AR response event. This causes a race condition bug when processing AT request completion event concurrently. This commit fixes the bug by put timer start for split transaction expiration into the scope of lock. The value of jiffies in card structure is referred before acquiring the lock.

Vendor	linux
Product	linux
Ecosystems	Linux Kernel
Industries	Technology
Published	Feb 14, 2026
Last Updated	May 11, 2026

Stay Ahead of the Next One

Get instant alerts for linux linux

Be the first to know when new unknown vulnerabilities affecting linux linux are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

Linux / Linux

b5725cfa4120a4d234ab112aad151d731531d093 < b038874e31fc3caa0b0d5abd259dd54b918ad4a1 b5725cfa4120a4d234ab112aad151d731531d093 < 20e01bba2ae4898ce65cdcacd1bd6bec5111abd9

Linux / Linux

6.18

References

NVD ↗ CVE.org ↗ EPSS Data ↗

git.kernel.org: https://git.kernel.org/stable/c/b038874e31fc3caa0b0d5abd259dd54b918ad4a1 git.kernel.org: https://git.kernel.org/stable/c/20e01bba2ae4898ce65cdcacd1bd6bec5111abd9