CVE-2026-23216
Published: February 18, 2026· Updated: Feb 18, 2026
Official Description
In the Linux kernel, the following vulnerability has been resolved:
scsi: target: iscsi: Fix use-after-free in iscsit_dec_conn_usage_count()
In iscsit_dec_conn_usage_count(), the function calls complete() while
holding the conn->conn_usage_lock. As soon as complete() is invoked, the
waiter (such as iscsit_close_connection()) may wake up and proceed to free
the iscsit_conn structure.
If the waiter frees the memory before the current thread reaches
spin_unlock_bh(), it results in a KASAN slab-use-after-free as the function
attempts to release a lock within the already-freed connection structure.
Fix this by releasing the spinlock before calling complete().
Technical Analysis
CVE-2026-23216 requires local access, meaning attackers must already have a foothold on the target system.
Exploitation requires some privileges, which limits the exposure to scenarios where an attacker has already gained initial access.
Affected Vendors & Products
Exploit & PoC Resources
All References (7)
Quick Facts
Recommended Actions
- →Apply vendor patches immediately
- →Monitor CVE-2026-23216 in threat intel feeds
- →Review IDS/IPS signatures for exploitation attempts