Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
Linux Kernel: Data Corruption Risk in NVMET-TCP Socket Close
CVE-2026-23179
Summary
A bug in the Linux kernel's NVMET-TCP feature could cause a data corruption issue when a socket is closed while in a specific state. This could potentially lead to data loss or system instability. The issue has been fixed in a recent kernel update, so it's essential to update your system to the latest version to prevent this problem.
Original title
In the Linux kernel, the following vulnerability has been resolved:
nvmet-tcp: fixup hang in nvmet_tcp_listen_data_ready()
When the socket is closed while in TCP_LISTEN a callback is run to
flush...
Original description
In the Linux kernel, the following vulnerability has been resolved:
nvmet-tcp: fixup hang in nvmet_tcp_listen_data_ready()
When the socket is closed while in TCP_LISTEN a callback is run to
flush all outstanding packets, which in turns calls
nvmet_tcp_listen_data_ready() with the sk_callback_lock held.
So we need to check if we are in TCP_LISTEN before attempting
to get the sk_callback_lock() to avoid a deadlock.
nvmet-tcp: fixup hang in nvmet_tcp_listen_data_ready()
When the socket is closed while in TCP_LISTEN a callback is run to
flush all outstanding packets, which in turns calls
nvmet_tcp_listen_data_ready() with the sk_callback_lock held.
So we need to check if we are in TCP_LISTEN before attempting
to get the sk_callback_lock() to avoid a deadlock.
Published: 14 Feb 2026 · Updated: 11 Mar 2026 · First seen: 6 Mar 2026