Wind River Support Network

HomeDefectsLIN1023-18860
Acknowledged

LIN1023-18860 : Security Advisory - linux - CVE-2026-23156

Created: Feb 24, 2026    Updated: Feb 26, 2026
Found In Version: 10.23.30.2
Severity: Standard
Applicable for: Wind River Linux LTS 23
Component/s: Kernel

Description

In the Linux kernel, the following vulnerability has been resolved:

efivarfs: fix error propagation in efivar_entry_get()

efivar_entry_get() always returns success even if the underlying
__efivar_entry_get() fails, masking errors.

This may result in uninitialized heap memory being copied to userspace
in the efivarfs_file_read() path.

Fix it by returning the error from __efivar_entry_get().
  • Linkedin
  • Facebook
  • Twitter
  • Youtube