In the Linux kernel, the following vulnerability has been resolved:
btrfs: fix NULL pointer dereference in do_abort_log_replay()
Coverity reported a NULL pointer dereference issue (CID 1666756) in
do_abort_log_replay(). When btrfs_alloc_path() fails in
replay_one_buffer(), wc->subvol_path is NULL, but btrfs_abort_log_replay()
calls do_abort_log_replay() which unconditionally dereferences
wc->subvol_path when attempting to print debug information. Fix this by
adding a NULL check before dereferencing wc->subvol_path in
do_abort_log_replay().
CVE-2026-23043
NONE
EPSS 0.03%
Updated Feb 04, 2026
In
CVE Details
CVE ID
CVE-2026-23043
Published Date
Feb 04, 2026
Vendor
In
Severity
NONE
Exploit Prediction (EPSS)
Probability of Exploit
0.03%
Likelihood of exploitation in next 30 days
Percentile:
6.9th percentile (higher than 6.9% of all CVEs)
Standard patching cycle
Impact
Minimal impact
Source
View Advisory