CVE-2026-23147
Unknown Unknown - Not Provided
Folio Leak in Linux btrfs zlib on S390 Hardware

Publication date: 2026-02-14

Last updated on: 2026-03-17

Assigner: kernel.org

Description
In the Linux kernel, the following vulnerability has been resolved: btrfs: zlib: fix the folio leak on S390 hardware acceleration [BUG] After commit aa60fe12b4f4 ("btrfs: zlib: refactor S390x HW acceleration buffer preparation"), we no longer release the folio of the page cache of folio returned by btrfs_compress_filemap_get_folio() for S390 hardware acceleration path. [CAUSE] Before that commit, we call kumap_local() and folio_put() after handling each folio. Although the timing is not ideal (it release previous folio at the beginning of the loop, and rely on some extra cleanup out of the loop), it at least handles the folio release correctly. Meanwhile the refactored code is easier to read, it lacks the call to release the filemap folio. [FIX] Add the missing folio_put() for copy_data_into_buffer().
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-02-14
Last Modified
2026-03-17
Generated
2026-06-16
AI Q&A
2026-02-14
EPSS Evaluated
2026-06-15
NVD
CVE-2026-23147
EUVD
EUVD-2026-5888
Affected Vendors & Products
Showing 8 associated CPEs
Vendor Product Version / Range
linux linux_kernel 6.19
linux linux_kernel 6.19
linux linux_kernel 6.19
linux linux_kernel 6.19
linux linux_kernel 6.19
linux linux_kernel 6.19
linux linux_kernel 6.19
linux linux_kernel From 6.15 (inc) to 6.18.9 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-401 The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability is a folio leak in the Linux kernel's btrfs filesystem compression code when using S390 hardware acceleration. After a specific code refactor, the system stopped releasing memory pages (folios) properly during compression, causing a resource leak.

Originally, the code released folios after handling each one, but the refactored code omitted this release step, leading to the leak.

The fix involved adding the missing call to release the folio in the compression buffer handling function.

Impact Analysis

This vulnerability can cause a memory leak in the Linux kernel when using btrfs compression with S390 hardware acceleration.

Over time, this leak could lead to increased memory consumption, potentially degrading system performance or causing resource exhaustion.

Compliance Impact

I don't know

Detection Guidance

I don't know

Mitigation Strategies

The vulnerability in the Linux kernel related to btrfs and zlib on S390 hardware acceleration has been fixed by adding the missing folio_put() call. To mitigate this vulnerability, you should update your Linux kernel to a version that includes this fix.

  • Identify your current kernel version using the command: uname -r
  • Check for available kernel updates from your distribution's package manager.
  • Apply the kernel update that contains the fix for this vulnerability.
  • Reboot the system to load the updated kernel.
Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-23147. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart