CVE-2026-23156 - Vulnerability Details

In the Linux kernel, the following vulnerability has been resolved: efivarfs: fix error propagation in efivar_entry_get() efivar_entry_get() always returns success even if the underlying __efivar_entry_get() fails, masking errors. This may result in uninitialized heap memory being copied to userspace in the efivarfs_file_read() path. Fix it by returning the error from __efivar_entry_get().

No CVSS v4.0

Attack Vector Local

Attack Complexity High

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Linux	Linux Kernel

No data.

References

Link	Providers
https://git.kernel.org/stable/c/3960f1754664661a970dc9ebbab44ff93a0b4c42
https://git.kernel.org/stable/c/4b22ec1685ce1fc0d862dcda3225d852fb107995
https://git.kernel.org/stable/c/510a16f1c5c1690b33504052bc13fbc2772c23f8
https://git.kernel.org/stable/c/89b8ca709eeeabcc11ebba64806677873a2787a8
https://git.kernel.org/stable/c/e4e15a0a4403c96d9898d8398f0640421df9cb16
https://lore.kernel.org/linux-cve-announce/2026021416-CVE-2026-23156-b2f4@gregkh/T
https://nvd.nist.gov/vuln/detail/CVE-2026-23156
https://www.cve.org/CVERecord?id=CVE-2026-23156

History

Mon, 16 Feb 2026 12:15:00 +0000

Type	Values Removed	Values Added
References		https://lore.kernel.org/linux-cve-announce/2026021416-CVE-2026-23156-b2f4@gregkh/T https://nvd.nist.gov/vuln/detail/CVE-2026-23156 https://www.cve.org/CVERecord?id=CVE-2026-23156
Metrics	threat_severity `None`	cvssV3_1 `{'score': 7.0, 'vector': 'CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H'}` threat_severity `Important`

Sat, 14 Feb 2026 16:15:00 +0000

Type	Values Removed	Values Added
Description		In the Linux kernel, the following vulnerability has been resolved: efivarfs: fix error propagation in efivar_entry_get() efivar_entry_get() always returns success even if the underlying __efivar_entry_get() fails, masking errors. This may result in uninitialized heap memory being copied to userspace in the efivarfs_file_read() path. Fix it by returning the error from __efivar_entry_get().
Title		efivarfs: fix error propagation in efivar_entry_get()
First Time appeared		Linux Linux linux Kernel
CPEs		cpe:2.3:o:linux:linux_kernel::::::::
Vendors & Products		Linux Linux linux Kernel
References		https://git.kernel.org/stable/c/3960f1754664661a970dc9ebbab44ff93a0b4c42 https://git.kernel.org/stable/c/4b22ec1685ce1fc0d862dcda3225d852fb107995 https://git.kernel.org/stable/c/510a16f1c5c1690b33504052bc13fbc2772c23f8 https://git.kernel.org/stable/c/89b8ca709eeeabcc11ebba64806677873a2787a8 https://git.kernel.org/stable/c/e4e15a0a4403c96d9898d8398f0640421df9cb16

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2026-02-14T16:01:23.215Z

Updated: 2026-02-14T16:01:23.215Z

Reserved: 2026-01-13T15:37:45.978Z

Link: CVE-2026-23156

Vulnrichment

No data.

NVD

Status : Awaiting Analysis

Published: 2026-02-14T16:15:55.760

Modified: 2026-02-18T17:52:44.520

Link: CVE-2026-23156

Redhat

Severity : Important

Publid Date: 2026-02-14T00:00:00Z

Links: CVE-2026-23156 - Bugzilla

Metrics

Attack Vector Local

Attack Complexity High

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object