HOMEVULNERABILITIESCVE-2026-23211
NONE

CVE-2026-23211

Published: February 18, 2026· Updated: Feb 18, 2026

EPSS:0.02%probability of exploitation in 30 daysPercentile:4.5th

Official Description

In the Linux kernel, the following vulnerability has been resolved:

mm, swap: restore swap_space attr aviod kernel panic

commit 8b47299a411a ("mm, swap: mark swap address space ro and add context

debug check") made the swap address space read-only. It may lead to

kernel panic if arch_prepare_to_swap returns a failure under heavy memory

pressure as follows,

el1_abort+0x40/0x64

el1h_64_sync_handler+0x48/0xcc

el1h_64_sync+0x84/0x88

errseq_set+0x4c/0xb8 (P)

__filemap_set_wb_err+0x20/0xd0

shrink_folio_list+0xc20/0x11cc

evict_folios+0x1520/0x1be4

try_to_shrink_lruvec+0x27c/0x3dc

shrink_one+0x9c/0x228

shrink_node+0xb3c/0xeac

do_try_to_free_pages+0x170/0x4f0

try_to_free_pages+0x334/0x534

__alloc_pages_direct_reclaim+0x90/0x158

__alloc_pages_slowpath+0x334/0x588

__alloc_frozen_pages_noprof+0x224/0x2fc

__folio_alloc_noprof+0x14/0x64

vma_alloc_zeroed_movable_folio+0x34/0x44

do_pte_missing+0xad4/0x1040

handle_mm_fault+0x4a4/0x790

do_page_fault+0x288/0x5f8

do_translation_fault+0x38/0x54

do_mem_abort+0x54/0xa8

Restore swap address space as not ro to avoid the panic.

NVD Source

Technical Analysis

CVE-2026-23211 requires local access, meaning attackers must already have a foothold on the target system.

Exploitation requires some privileges, which limits the exposure to scenarios where an attacker has already gained initial access.

Affected Vendors & Products

Mentioned vendors (from description):
Linux
CPE data not yet available in NVD for this CVE.

Exploit & PoC Resources

NO KNOWN EXPLOITNo public exploit confirmed at this time
External links open in a new tab. Always verify in a controlled environment before use.

All References (2)

Quick Facts

CVE IDCVE-2026-23211
SeverityNONE
CISA KEVNo
EPSS (30d)0.02%
PublishedFeb 18, 2026

Recommended Actions

  • Apply vendor patches immediately
  • Monitor CVE-2026-23211 in threat intel feeds
  • Review IDS/IPS signatures for exploitation attempts
Data sourced from NVD (NIST), CISA KEV, and EPSS (FIRST). Analysis generated by CTIWATCH.COM. CVE data is provided under the NVD usage policy.