{
    "document": {
        "category": "csaf_base",
        "csaf_version": "2.0",
        "distribution": {
            "tlp": {
                "label": "WHITE"
            }
        },
        "lang": "en",
        "notes": [
            {
                "category": "legal_disclaimer",
                "text": "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this portal to enhance access to its information and vulnerabilities. The use of this information is subject to the following terms and conditions:\n\nThe vulnerabilities disclosed in this portal are gathered by NCSC-NL from a variety of open sources, which the user can retrieve from other platforms. NCSC-NL makes every reasonable effort to ensure that the content of this portal is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or real-time keeping up-to-date. NCSC-NL does not control nor guarantee the accuracy, relevance, timeliness or completeness of information obtained from these external sources. The vulnerabilities disclosed in this portal are intended solely for the convenience of professional parties to take appropriate measures to manage the risks posed to the cybersecurity. No rights can be derived from the information provided therein.\n\nNCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of the vulnerabilities disclosed in this portal. This includes damage resulting from the inaccuracy of incompleteness of the information contained in it.\nThe information on this page is subject to Dutch law. All disputes related to or arising from the use of this portal regarding the disclosure of vulnerabilities will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings."
            }
        ],
        "publisher": {
            "category": "coordinator",
            "contact_details": "cert@ncsc.nl",
            "name": "National Cyber Security Centre",
            "namespace": "https://www.ncsc.nl/"
        },
        "title": "CVE-2026-23223",
        "tracking": {
            "current_release_date": "2026-04-03T03:01:05.267421Z",
            "generator": {
                "date": "2026-02-17T15:00:00Z",
                "engine": {
                    "name": "V.E.L.M.A",
                    "version": "1.7"
                }
            },
            "id": "CVE-2026-23223",
            "initial_release_date": "2026-02-18T15:38:41.821572Z",
            "revision_history": [
                {
                    "date": "2026-02-18T15:38:41.821572Z",
                    "number": "1",
                    "summary": "CVE created.| Source created.| CVE status created. (valid)| Description created for source.| Products created (5).| Products connected (1).| References created (3)."
                },
                {
                    "date": "2026-02-18T15:38:51.564687Z",
                    "number": "2",
                    "summary": "NCSC Score created."
                },
                {
                    "date": "2026-02-18T16:27:38.978633Z",
                    "number": "3",
                    "summary": "Source created.| CVE status created. (valid)| Description created for source.| References created (3)."
                },
                {
                    "date": "2026-02-18T16:27:44.584085Z",
                    "number": "4",
                    "summary": "NCSC Score updated."
                },
                {
                    "date": "2026-02-18T18:44:05.080384Z",
                    "number": "5",
                    "summary": "Source created.| CVE status created. (valid)| Products connected (2)."
                },
                {
                    "date": "2026-02-18T18:44:09.673766Z",
                    "number": "6",
                    "summary": "NCSC Score updated."
                },
                {
                    "date": "2026-02-19T00:58:44.143099Z",
                    "number": "7",
                    "summary": "Source created.| CVE status created. (valid)| Description created for source.| References created (5)."
                },
                {
                    "date": "2026-02-19T06:43:37.898835Z",
                    "number": "8",
                    "summary": "Description created for source."
                },
                {
                    "date": "2026-02-19T13:06:18.738186Z",
                    "number": "9",
                    "summary": "Source connected.| CVE status created. (valid)| Products connected (1).| References created (36)."
                },
                {
                    "date": "2026-02-19T13:06:21.463952Z",
                    "number": "10",
                    "summary": "NCSC Score updated."
                },
                {
                    "date": "2026-02-19T14:16:50.076905Z",
                    "number": "11",
                    "summary": "Source created.| CVE status created. (valid)| EPSS created."
                },
                {
                    "date": "2026-02-19T14:17:01.043758Z",
                    "number": "12",
                    "summary": "NCSC Score updated."
                },
                {
                    "date": "2026-02-20T00:27:52.438916Z",
                    "number": "13",
                    "summary": "Source created.| CVE status created. (valid)| Description created for source.| CVSS created.| Products connected (13).| Product Identifiers created (5).| References created (3).| Vendor_assessment created."
                },
                {
                    "date": "2026-02-20T00:27:56.882979Z",
                    "number": "14",
                    "summary": "NCSC Score updated."
                },
                {
                    "date": "2026-02-23T03:39:05.218476Z",
                    "number": "15",
                    "summary": "Products created (4).| Products connected (3).| Products removed (3).| References created (1)."
                },
                {
                    "date": "2026-02-23T03:39:16.154339Z",
                    "number": "16",
                    "summary": "NCSC Score updated."
                },
                {
                    "date": "2026-02-23T04:25:14.227239Z",
                    "number": "17",
                    "summary": "References created (1)."
                },
                {
                    "date": "2026-02-23T18:19:48.882289Z",
                    "number": "18",
                    "summary": "Source connected.| CVE status created. (valid)| Description created for source.| CVSS created.| Products connected (1)."
                },
                {
                    "date": "2026-02-23T18:19:50.762608Z",
                    "number": "19",
                    "summary": "NCSC Score updated."
                },
                {
                    "date": "2026-02-23T18:43:43.572081Z",
                    "number": "20",
                    "summary": "Products connected (2).| Products removed (2)."
                },
                {
                    "date": "2026-02-23T18:43:46.449885Z",
                    "number": "21",
                    "summary": "NCSC Score updated."
                },
                {
                    "date": "2026-02-24T00:51:39.634593Z",
                    "number": "22",
                    "summary": "References created (1)."
                },
                {
                    "date": "2026-02-26T12:19:52.068589Z",
                    "number": "23",
                    "summary": "Product Remediations created (1)."
                },
                {
                    "date": "2026-02-26T12:19:57.764131Z",
                    "number": "24",
                    "summary": "NCSC Score updated."
                },
                {
                    "date": "2026-03-13T08:23:39.261016Z",
                    "number": "25",
                    "summary": "Products connected (1).| References created (2)."
                },
                {
                    "date": "2026-03-13T08:23:40.951188Z",
                    "number": "26",
                    "summary": "NCSC Score updated."
                },
                {
                    "date": "2026-03-16T10:37:33.100863Z",
                    "number": "27",
                    "summary": "References created (2)."
                },
                {
                    "date": "2026-03-18T15:27:27.576927Z",
                    "number": "28",
                    "summary": "CVSS created.| Products created (1).| Product Identifiers created (3).| Products connected (2).| CWES updated (1)."
                },
                {
                    "date": "2026-03-18T15:27:37.447442Z",
                    "number": "29",
                    "summary": "NCSC Score updated."
                },
                {
                    "date": "2026-03-19T09:08:17.146985Z",
                    "number": "30",
                    "summary": "Products connected (1).| References created (2)."
                },
                {
                    "date": "2026-03-19T09:08:19.233753Z",
                    "number": "31",
                    "summary": "NCSC Score updated."
                },
                {
                    "date": "2026-03-20T09:55:49.309873Z",
                    "number": "32",
                    "summary": "Source connected.| CVE status created. (valid)| EPSS created."
                },
                {
                    "date": "2026-03-20T09:55:51.725059Z",
                    "number": "33",
                    "summary": "NCSC Score updated."
                },
                {
                    "date": "2026-03-20T20:35:56.529859Z",
                    "number": "34",
                    "summary": "Products connected (1).| References created (4)."
                },
                {
                    "date": "2026-03-20T20:35:59.418917Z",
                    "number": "35",
                    "summary": "NCSC Score updated."
                },
                {
                    "date": "2026-03-25T01:06:12.658674Z",
                    "number": "36",
                    "summary": "References created (1)."
                },
                {
                    "date": "2026-03-25T01:06:46.214811Z",
                    "number": "37",
                    "summary": "NCSC Score updated."
                },
                {
                    "date": "2026-03-25T10:17:40.281666Z",
                    "number": "38",
                    "summary": "Products connected (1).| References created (4)."
                },
                {
                    "date": "2026-03-25T10:17:42.881595Z",
                    "number": "39",
                    "summary": "NCSC Score updated."
                },
                {
                    "date": "2026-03-26T11:44:07.734769Z",
                    "number": "40",
                    "summary": "References created (1)."
                },
                {
                    "date": "2026-03-26T11:44:10.642791Z",
                    "number": "41",
                    "summary": "NCSC Score updated."
                },
                {
                    "date": "2026-03-27T11:56:21.225690Z",
                    "number": "42",
                    "summary": "References created (2)."
                },
                {
                    "date": "2026-03-27T11:56:22.838197Z",
                    "number": "43",
                    "summary": "NCSC Score updated."
                },
                {
                    "date": "2026-03-30T11:11:41.573410Z",
                    "number": "44",
                    "summary": "References created (4)."
                },
                {
                    "date": "2026-03-30T11:11:43.811450Z",
                    "number": "45",
                    "summary": "NCSC Score updated."
                },
                {
                    "date": "2026-03-31T11:08:41.239569Z",
                    "number": "46",
                    "summary": "References created (1)."
                },
                {
                    "date": "2026-03-31T11:08:44.147363Z",
                    "number": "47",
                    "summary": "NCSC Score updated."
                },
                {
                    "date": "2026-04-02T12:13:25.543920Z",
                    "number": "48",
                    "summary": "References created (1)."
                }
            ],
            "status": "interim",
            "version": "48"
        }
    },
    "product_tree": {
        "branches": [
            {
                "branches": [
                    {
                        "branches": [
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/unknown",
                                "product": {
                                    "name": "vers:unknown/unknown",
                                    "product_id": "CSAFPID-1330296",
                                    "product_identification_helper": {
                                        "cpe": "cpe:/o:amazon:linux_2:-"
                                    }
                                }
                            }
                        ],
                        "category": "product_name",
                        "name": "Amazon Linux 2"
                    }
                ],
                "category": "vendor",
                "name": "Amazon"
            },
            {
                "branches": [
                    {
                        "branches": [
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/unknown",
                                "product": {
                                    "name": "vers:unknown/unknown",
                                    "product_id": "CSAFPID-1295663",
                                    "product_identification_helper": {
                                        "cpe": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*"
                                    }
                                }
                            }
                        ],
                        "category": "product_name",
                        "name": "Debian Linux"
                    },
                    {
                        "branches": [
                            {
                                "branches": [
                                    {
                                        "category": "product_version_range",
                                        "name": "vers:deb/*",
                                        "product": {
                                            "name": "vers:deb/*",
                                            "product_id": "CSAFPID-2036022"
                                        }
                                    }
                                ],
                                "category": "product_name",
                                "name": "linux"
                            }
                        ],
                        "category": "product_family",
                        "name": "bookworm"
                    },
                    {
                        "branches": [
                            {
                                "branches": [
                                    {
                                        "category": "product_version_range",
                                        "name": "vers:deb/*",
                                        "product": {
                                            "name": "vers:deb/*",
                                            "product_id": "CSAFPID-2036023"
                                        }
                                    }
                                ],
                                "category": "product_name",
                                "name": "linux"
                            }
                        ],
                        "category": "product_family",
                        "name": "bullseye"
                    }
                ],
                "category": "vendor",
                "name": "Debian"
            },
            {
                "branches": [
                    {
                        "branches": [
                            {
                                "category": "product_version_range",
                                "name": "vers:git/ec793e690f801d97a7ae2a0d429fea1fee4d44aa|<1c253e11225bc5167217897885b85093e17c2217",
                                "product": {
                                    "name": "vers:git/ec793e690f801d97a7ae2a0d429fea1fee4d44aa|<1c253e11225bc5167217897885b85093e17c2217",
                                    "product_id": "CSAFPID-5669159"
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:git/ec793e690f801d97a7ae2a0d429fea1fee4d44aa|<1d411278dda293a507cb794db7d9ed3511c685c6",
                                "product": {
                                    "name": "vers:git/ec793e690f801d97a7ae2a0d429fea1fee4d44aa|<1d411278dda293a507cb794db7d9ed3511c685c6",
                                    "product_id": "CSAFPID-5669156"
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:git/ec793e690f801d97a7ae2a0d429fea1fee4d44aa|<ba5264610423d9653aa36920520902d83841bcfd",
                                "product": {
                                    "name": "vers:git/ec793e690f801d97a7ae2a0d429fea1fee4d44aa|<ba5264610423d9653aa36920520902d83841bcfd",
                                    "product_id": "CSAFPID-5669158"
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:git/ec793e690f801d97a7ae2a0d429fea1fee4d44aa|<ed82e7949f5cac3058f4100f3cd670531d41a266",
                                "product": {
                                    "name": "vers:git/ec793e690f801d97a7ae2a0d429fea1fee4d44aa|<ed82e7949f5cac3058f4100f3cd670531d41a266",
                                    "product_id": "CSAFPID-5669157"
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:semver/6.12.72|<=6.12.*",
                                "product": {
                                    "name": "vers:semver/6.12.72|<=6.12.*",
                                    "product_id": "CSAFPID-5618223"
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:semver/6.18.11|<=6.18.*",
                                "product": {
                                    "name": "vers:semver/6.18.11|<=6.18.*",
                                    "product_id": "CSAFPID-5629416"
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:semver/6.19.1|<=6.19.*",
                                "product": {
                                    "name": "vers:semver/6.19.1|<=6.19.*",
                                    "product_id": "CSAFPID-5629417"
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:semver/<6.9",
                                "product": {
                                    "name": "vers:semver/<6.9",
                                    "product_id": "CSAFPID-1286676"
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/6.9",
                                "product": {
                                    "name": "vers:unknown/6.9",
                                    "product_id": "CSAFPID-1286675"
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/7.0-rc1|<=*",
                                "product": {
                                    "name": "vers:unknown/7.0-rc1|<=*",
                                    "product_id": "CSAFPID-5669083"
                                }
                            }
                        ],
                        "category": "product_name",
                        "name": "Linux"
                    },
                    {
                        "branches": [
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/>=6.13|<6.18.11",
                                "product": {
                                    "name": "vers:unknown/>=6.13|<6.18.11",
                                    "product_id": "CSAFPID-5839350",
                                    "product_identification_helper": {
                                        "cpe": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*"
                                    }
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/>=6.19|<6.19.1",
                                "product": {
                                    "name": "vers:unknown/>=6.19|<6.19.1",
                                    "product_id": "CSAFPID-5754847",
                                    "product_identification_helper": {
                                        "cpe": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*"
                                    }
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/>=6.9|<6.12.72",
                                "product": {
                                    "name": "vers:unknown/>=6.9|<6.12.72",
                                    "product_id": "CSAFPID-5844406",
                                    "product_identification_helper": {
                                        "cpe": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*"
                                    }
                                }
                            }
                        ],
                        "category": "product_name",
                        "name": "linux_kernel"
                    }
                ],
                "category": "vendor",
                "name": "Linux"
            },
            {
                "branches": [
                    {
                        "branches": [
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/unknown",
                                "product": {
                                    "name": "vers:unknown/unknown",
                                    "product_id": "CSAFPID-1330297",
                                    "product_identification_helper": {
                                        "cpe": "cpe:/o:open_source:linux:-"
                                    }
                                }
                            }
                        ],
                        "category": "product_name",
                        "name": "Open Source Linux Kernel"
                    }
                ],
                "category": "vendor",
                "name": "Open Source"
            },
            {
                "branches": [
                    {
                        "branches": [
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/unknown",
                                "product": {
                                    "name": "vers:unknown/unknown",
                                    "product_id": "CSAFPID-1317177",
                                    "product_identification_helper": {
                                        "cpe": "cpe:/o:oracle:linux:-"
                                    }
                                }
                            }
                        ],
                        "category": "product_name",
                        "name": "Oracle Linux"
                    }
                ],
                "category": "vendor",
                "name": "Oracle"
            },
            {
                "branches": [
                    {
                        "branches": [
                            {
                                "category": "product_version_range",
                                "name": "vers:rpm/10",
                                "product": {
                                    "name": "vers:rpm/10",
                                    "product_id": "CSAFPID-2858634",
                                    "product_identification_helper": {
                                        "cpe": "cpe:/o:redhat:enterprise_linux:10"
                                    }
                                }
                            }
                        ],
                        "category": "product_name",
                        "name": "Red Hat Enterprise Linux 10"
                    },
                    {
                        "branches": [
                            {
                                "category": "product_version_range",
                                "name": "vers:rpm/6",
                                "product": {
                                    "name": "vers:rpm/6",
                                    "product_id": "CSAFPID-1439321",
                                    "product_identification_helper": {
                                        "cpe": "cpe:/o:redhat:enterprise_linux:6"
                                    }
                                }
                            }
                        ],
                        "category": "product_name",
                        "name": "Red Hat Enterprise Linux 6"
                    },
                    {
                        "branches": [
                            {
                                "category": "product_version_range",
                                "name": "vers:rpm/7",
                                "product": {
                                    "name": "vers:rpm/7",
                                    "product_id": "CSAFPID-1439315",
                                    "product_identification_helper": {
                                        "cpe": "cpe:/o:redhat:enterprise_linux:7"
                                    }
                                }
                            }
                        ],
                        "category": "product_name",
                        "name": "Red Hat Enterprise Linux 7"
                    },
                    {
                        "branches": [
                            {
                                "category": "product_version_range",
                                "name": "vers:rpm/8",
                                "product": {
                                    "name": "vers:rpm/8",
                                    "product_id": "CSAFPID-1439317",
                                    "product_identification_helper": {
                                        "cpe": "cpe:/o:redhat:enterprise_linux:8"
                                    }
                                }
                            }
                        ],
                        "category": "product_name",
                        "name": "Red Hat Enterprise Linux 8"
                    },
                    {
                        "branches": [
                            {
                                "category": "product_version_range",
                                "name": "vers:rpm/9",
                                "product": {
                                    "name": "vers:rpm/9",
                                    "product_id": "CSAFPID-1439319",
                                    "product_identification_helper": {
                                        "cpe": "cpe:/a:redhat:enterprise_linux:9"
                                    }
                                }
                            }
                        ],
                        "category": "product_name",
                        "name": "Red Hat Enterprise Linux 9"
                    },
                    {
                        "branches": [
                            {
                                "branches": [
                                    {
                                        "category": "product_version_range",
                                        "name": "vers:rpm/unknown",
                                        "product": {
                                            "name": "vers:rpm/unknown",
                                            "product_id": "CSAFPID-2858635"
                                        }
                                    }
                                ],
                                "category": "product_name",
                                "name": "kernel"
                            }
                        ],
                        "category": "product_family",
                        "name": "Red Hat Enterprise Linux 10"
                    },
                    {
                        "branches": [
                            {
                                "branches": [
                                    {
                                        "category": "product_version_range",
                                        "name": "vers:rpm/unknown",
                                        "product": {
                                            "name": "vers:rpm/unknown",
                                            "product_id": "CSAFPID-1453376"
                                        }
                                    }
                                ],
                                "category": "product_name",
                                "name": "kernel"
                            }
                        ],
                        "category": "product_family",
                        "name": "Red Hat Enterprise Linux 6"
                    },
                    {
                        "branches": [
                            {
                                "branches": [
                                    {
                                        "category": "product_version_range",
                                        "name": "vers:rpm/unknown",
                                        "product": {
                                            "name": "vers:rpm/unknown",
                                            "product_id": "CSAFPID-1453377"
                                        }
                                    }
                                ],
                                "category": "product_name",
                                "name": "kernel"
                            },
                            {
                                "branches": [
                                    {
                                        "category": "product_version_range",
                                        "name": "vers:rpm/unknown",
                                        "product": {
                                            "name": "vers:rpm/unknown",
                                            "product_id": "CSAFPID-1453378"
                                        }
                                    }
                                ],
                                "category": "product_name",
                                "name": "kernel-rt"
                            }
                        ],
                        "category": "product_family",
                        "name": "Red Hat Enterprise Linux 7"
                    },
                    {
                        "branches": [
                            {
                                "branches": [
                                    {
                                        "category": "product_version_range",
                                        "name": "vers:rpm/unknown",
                                        "product": {
                                            "name": "vers:rpm/unknown",
                                            "product_id": "CSAFPID-1453379"
                                        }
                                    }
                                ],
                                "category": "product_name",
                                "name": "kernel"
                            },
                            {
                                "branches": [
                                    {
                                        "category": "product_version_range",
                                        "name": "vers:rpm/unknown",
                                        "product": {
                                            "name": "vers:rpm/unknown",
                                            "product_id": "CSAFPID-1453380"
                                        }
                                    }
                                ],
                                "category": "product_name",
                                "name": "kernel-rt"
                            }
                        ],
                        "category": "product_family",
                        "name": "Red Hat Enterprise Linux 8"
                    },
                    {
                        "branches": [
                            {
                                "branches": [
                                    {
                                        "category": "product_version_range",
                                        "name": "vers:rpm/unknown",
                                        "product": {
                                            "name": "vers:rpm/unknown",
                                            "product_id": "CSAFPID-1453381"
                                        }
                                    }
                                ],
                                "category": "product_name",
                                "name": "kernel"
                            },
                            {
                                "branches": [
                                    {
                                        "category": "product_version_range",
                                        "name": "vers:rpm/unknown",
                                        "product": {
                                            "name": "vers:rpm/unknown",
                                            "product_id": "CSAFPID-1453382"
                                        }
                                    }
                                ],
                                "category": "product_name",
                                "name": "kernel-rt"
                            }
                        ],
                        "category": "product_family",
                        "name": "Red Hat Enterprise Linux 9"
                    }
                ],
                "category": "vendor",
                "name": "Red Hat"
            },
            {
                "branches": [
                    {
                        "branches": [
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/unknown",
                                "product": {
                                    "name": "vers:unknown/unknown",
                                    "product_id": "CSAFPID-1317174",
                                    "product_identification_helper": {
                                        "cpe": "cpe:/o:suse:suse_linux:-"
                                    }
                                }
                            }
                        ],
                        "category": "product_name",
                        "name": "SuSE Linux"
                    }
                ],
                "category": "vendor",
                "name": "SUSE"
            },
            {
                "branches": [
                    {
                        "branches": [
                            {
                                "branches": [
                                    {
                                        "category": "product_version_range",
                                        "name": "vers:microsoft/*",
                                        "product": {
                                            "name": "vers:microsoft/*",
                                            "product_id": "CSAFPID-5674307",
                                            "product_identification_helper": {
                                                "cpe": "cpe:2.3:a:microsoft:azl3_kernel_6.6.121.1-1:*:*:*:*:*:*:*:*"
                                            }
                                        }
                                    }
                                ],
                                "category": "product_name",
                                "name": "azl3 kernel 6.6.121.1-1 on Azure Linux 3.0"
                            }
                        ],
                        "category": "product_family",
                        "name": "Open Source Software"
                    }
                ],
                "category": "vendor",
                "name": "Microsoft"
            }
        ]
    },
    "vulnerabilities": [
        {
            "cve": "CVE-2026-23223",
            "cwe": {
                "id": "CWE-416",
                "name": "Use After Free"
            },
            "notes": [
                {
                    "category": "description",
                    "text": "xfs: fix UAF in xchk\\_btree\\_check\\_block\\_owner",
                    "title": "microsoft - https://api.msrc.microsoft.com/cvrf/v3.0/cvrf/2026-Feb"
                },
                {
                    "category": "description",
                    "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxfs: fix UAF in xchk_btree_check_block_owner\n\nWe cannot dereference bs->cur when trying to determine if bs->cur\naliases bs->sc->sa.{bno,rmap}_cur after the latter has been freed.\nFix this by sampling before type before any freeing could happen.\nThe correct temporal ordering was broken when we removed xfs_btnum_t.",
                    "title": "cveprojectv5 - https://www.cve.org/CVERecord?id=CVE-2026-23223"
                },
                {
                    "category": "description",
                    "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxfs: fix UAF in xchk_btree_check_block_owner\n\nWe cannot dereference bs->cur when trying to determine if bs->cur\naliases bs->sc->sa.{bno,rmap}_cur after the latter has been freed.\nFix this by sampling before type before any freeing could happen.\nThe correct temporal ordering was broken when we removed xfs_btnum_t.",
                    "title": "nvd - https://nvd.nist.gov/vuln/detail/CVE-2026-23223"
                },
                {
                    "category": "description",
                    "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxfs: fix UAF in xchk_btree_check_block_owner\n\nWe cannot dereference bs->cur when trying to determine if bs->cur\naliases bs->sc->sa.{bno,rmap}_cur after the latter has been freed.\nFix this by sampling before type before any freeing could happen.\nThe correct temporal ordering was broken when we removed xfs_btnum_t.",
                    "title": "osv - https://www.googleapis.com/download/storage/v1/b/osv-vulnerabilities/o/GIT%2FCVE-2026-23223.json?alt=media"
                },
                {
                    "category": "description",
                    "text": "In the Linux kernel, the following vulnerability has been resolved:  xfs: fix UAF in xchk_btree_check_block_owner  We cannot dereference bs->cur when trying to determine if bs->cur aliases bs->sc->sa.{bno,rmap}_cur after the latter has been freed. Fix this by sampling before type before any freeing could happen. The correct temporal ordering was broken when we removed xfs_btnum_t.",
                    "title": "debian - https://security-tracker.debian.org/tracker/CVE-2026-23223"
                },
                {
                    "category": "description",
                    "text": "In the Linux kernel, the following vulnerability has been resolved:\nxfs: fix UAF in xchk_btree_check_block_owner\nWe cannot dereference bs->cur when trying to determine if bs->cur\naliases bs->sc->sa.{bno,rmap}_cur after the latter has been freed.\nFix this by sampling before type before any freeing could happen.\nThe correct temporal ordering was broken when we removed xfs_btnum_t.",
                    "title": "redhat - https://access.redhat.com/security/cve/CVE-2026-23223"
                },
                {
                    "category": "other",
                    "text": "0.00013",
                    "title": "EPSS"
                },
                {
                    "category": "other",
                    "text": "3.9",
                    "title": "NCSC Score"
                },
                {
                    "category": "other",
                    "text": "VENDOR FIX as product remediation category",
                    "title": "NCSC Score top increasing factors"
                },
                {
                    "category": "other",
                    "text": "Is related to a product by vendor Debian, Is related to (a version of) product Linux Kernel, The value of the most recent EPSS score, Is related to a product by vendor Linux",
                    "title": "NCSC Score top decreasing factors"
                },
                {
                    "category": "details",
                    "text": "Severity: 2\n",
                    "title": "Vendor assessment"
                }
            ],
            "product_status": {
                "known_affected": [
                    "CSAFPID-1330297",
                    "CSAFPID-1439317",
                    "CSAFPID-1439319",
                    "CSAFPID-1453379",
                    "CSAFPID-1453380",
                    "CSAFPID-1453381",
                    "CSAFPID-1453382",
                    "CSAFPID-2858634",
                    "CSAFPID-2858635",
                    "CSAFPID-1286675",
                    "CSAFPID-5669156",
                    "CSAFPID-5669157",
                    "CSAFPID-5669158",
                    "CSAFPID-5669159",
                    "CSAFPID-5674307",
                    "CSAFPID-1295663",
                    "CSAFPID-5754847",
                    "CSAFPID-5839350",
                    "CSAFPID-5844406",
                    "CSAFPID-1317174",
                    "CSAFPID-1330296",
                    "CSAFPID-1317177"
                ],
                "known_not_affected": [
                    "CSAFPID-5618223",
                    "CSAFPID-5629416",
                    "CSAFPID-5629417",
                    "CSAFPID-1439315",
                    "CSAFPID-1439321",
                    "CSAFPID-1453376",
                    "CSAFPID-1453377",
                    "CSAFPID-1453378",
                    "CSAFPID-1286676",
                    "CSAFPID-5669083",
                    "CSAFPID-2036022",
                    "CSAFPID-2036023"
                ]
            },
            "references": [
                {
                    "category": "external",
                    "summary": "Source - cveprojectv5",
                    "url": "https://www.cve.org/CVERecord?id=CVE-2026-23223"
                },
                {
                    "category": "external",
                    "summary": "Source raw - cveprojectv5",
                    "url": "https://raw.githubusercontent.com/CVEProject/cvelistV5/main/cves/2026/23xxx/CVE-2026-23223.json"
                },
                {
                    "category": "external",
                    "summary": "Source - nvd",
                    "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-23223"
                },
                {
                    "category": "external",
                    "summary": "Source raw - nvd",
                    "url": "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2026-23223"
                },
                {
                    "category": "external",
                    "summary": "Source - debian",
                    "url": "https://security-tracker.debian.org/tracker/CVE-2026-23223"
                },
                {
                    "category": "external",
                    "summary": "Source - osv",
                    "url": "https://www.googleapis.com/download/storage/v1/b/osv-vulnerabilities/o/GIT%2FCVE-2026-23223.json?alt=media"
                },
                {
                    "category": "external",
                    "summary": "Source - certbundde",
                    "url": "https://wid.cert-bund.de/.well-known/csaf/white/2026/wid-sec-w-2026-0462.json"
                },
                {
                    "category": "external",
                    "summary": "Source - first",
                    "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-23223"
                },
                {
                    "category": "external",
                    "summary": "Source raw - first",
                    "url": "https://api.first.org/data/v1/epss?limit=10000&offset=0"
                },
                {
                    "category": "external",
                    "summary": "Source - redhat",
                    "url": "https://access.redhat.com/security/cve/CVE-2026-23223"
                },
                {
                    "category": "external",
                    "summary": "Source raw - redhat",
                    "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23223.json"
                },
                {
                    "category": "external",
                    "summary": "Source - microsoft",
                    "url": "https://api.msrc.microsoft.com/cvrf/v3.0/cvrf/2026-Feb"
                },
                {
                    "category": "external",
                    "summary": "Source - first",
                    "url": "https://api.first.org/data/v1/epss?limit=10000&offset=0"
                },
                {
                    "category": "external",
                    "summary": "Reference - cveprojectv5; nvd; osv",
                    "url": "https://git.kernel.org/stable/c/1d411278dda293a507cb794db7d9ed3511c685c6"
                },
                {
                    "category": "external",
                    "summary": "Reference - cveprojectv5; nvd; osv",
                    "url": "https://git.kernel.org/stable/c/ed82e7949f5cac3058f4100f3cd670531d41a266"
                },
                {
                    "category": "external",
                    "summary": "Reference - cveprojectv5; nvd; osv",
                    "url": "https://git.kernel.org/stable/c/ba5264610423d9653aa36920520902d83841bcfd"
                },
                {
                    "category": "external",
                    "summary": "Reference - osv",
                    "url": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/23xxx/CVE-2026-23223.json"
                },
                {
                    "category": "external",
                    "summary": "Reference - osv; redhat",
                    "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-23223"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://wid.cert-bund.de/.well-known/csaf/white/2026/wid-sec-w-2026-0462.json"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0462"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026021859-CVE-2025-71225-44de@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026021859-CVE-2025-71226-5662@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026021859-CVE-2025-71227-949c@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026021859-CVE-2025-71228-d43d@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026021802-CVE-2025-71229-81bd@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026021804-CVE-2025-71230-8e25@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026021805-CVE-2025-71231-5cc3@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026021805-CVE-2025-71232-8ee0@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026021805-CVE-2025-71233-0c35@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026021805-CVE-2025-71234-3bb7@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026021805-CVE-2025-71235-b233@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026021806-CVE-2025-71236-26df@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026021806-CVE-2025-71237-545a@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026021830-CVE-2026-23211-10d0@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026021832-CVE-2026-23212-adae@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026021800-CVE-2026-23213-c699@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026021800-CVE-2026-23214-c822@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026021800-CVE-2026-23215-3294@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026021800-CVE-2026-23216-6c63@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026021800-CVE-2026-23217-f399@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026021801-CVE-2026-23218-4114@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026021801-CVE-2026-23219-3569@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026021806-CVE-2026-23220-efda@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026021806-CVE-2026-23221-43ae@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026021806-CVE-2026-23222-3958@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026021806-CVE-2026-23223-e3d3@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026021807-CVE-2026-23224-b534@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026021807-CVE-2026-23225-2a27@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026021807-CVE-2026-23226-438c@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026021807-CVE-2026-23227-6986@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026021807-CVE-2026-23228-647c@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026021808-CVE-2026-23229-9dfe@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026021808-CVE-2026-23230-8d0e@gregkh/"
                },
                {
                    "category": "external",
                    "summary": "Reference - redhat",
                    "url": "https://www.cve.org/CVERecord?id=CVE-2026-23223"
                },
                {
                    "category": "external",
                    "summary": "Reference - redhat",
                    "url": "https://lore.kernel.org/linux-cve-announce/2026021806-CVE-2026-23223-e3d3@gregkh/T"
                },
                {
                    "category": "external",
                    "summary": "Reference - cveprojectv5; nvd; osv",
                    "url": "https://git.kernel.org/stable/c/1c253e11225bc5167217897885b85093e17c2217"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lists.debian.org/debian-security-announce/2026/msg00071.html"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lists.debian.org/debian-security-announce/2026/msg00072.html"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lists.debian.org/debian-lts-announce/2026/03/msg00003.html"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lists.debian.org/debian-lts-announce/2026/03/msg00002.html"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-March/024746.html"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-March/024715.html"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-March/024771.html"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://alas.aws.amazon.com/AL2/ALAS2KERNEL-5.15-2026-099.html"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://alas.aws.amazon.com/AL2/ALAS2KERNEL-5.10-2026-114.html"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-March/024766.html"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-March/024803.html"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://linux.oracle.com/errata/ELSA-2026-50160.html"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-March/024862.html"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-March/024871.html"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-March/024895.html"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-March/024928.html"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-March/024954.html"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-March/024953.html"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-March/024999.html"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-March/024968.html"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-March/024969.html"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-March/024994.html"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-March/025054.html"
                },
                {
                    "category": "external",
                    "summary": "Reference - certbundde",
                    "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-April/025086.html"
                }
            ],
            "remediations": [
                {
                    "category": "vendor_fix",
                    "details": "CBL-Mariner Releases",
                    "product_ids": [
                        "CSAFPID-5674307"
                    ]
                }
            ],
            "scores": [
                {
                    "cvss_v3": {
                        "version": "3.1",
                        "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                        "baseScore": 7.8,
                        "baseSeverity": "HIGH"
                    },
                    "products": [
                        "CSAFPID-1286675",
                        "CSAFPID-1295663",
                        "CSAFPID-1317174",
                        "CSAFPID-1317177",
                        "CSAFPID-1330296",
                        "CSAFPID-1330297",
                        "CSAFPID-1439317",
                        "CSAFPID-1439319",
                        "CSAFPID-1453379",
                        "CSAFPID-1453380",
                        "CSAFPID-1453381",
                        "CSAFPID-1453382",
                        "CSAFPID-2858634",
                        "CSAFPID-2858635",
                        "CSAFPID-5669156",
                        "CSAFPID-5669157",
                        "CSAFPID-5669158",
                        "CSAFPID-5669159",
                        "CSAFPID-5674307",
                        "CSAFPID-5754847",
                        "CSAFPID-5839350",
                        "CSAFPID-5844406"
                    ]
                }
            ],
            "title": "CVE-2026-23223"
        }
    ]
}