VYPR
Unrated severityNVD Advisory· Published Feb 14, 2026

efivarfs: fix error propagation in efivar_entry_get()

CVE-2026-23156

Description

In the Linux kernel, the following vulnerability has been resolved:

efivarfs: fix error propagation in efivar_entry_get()

efivar_entry_get() always returns success even if the underlying __efivar_entry_get() fails, masking errors.

This may result in uninitialized heap memory being copied to userspace in the efivarfs_file_read() path.

Fix it by returning the error from __efivar_entry_get().

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

146

Patches

Vulnerability mechanics

References

5

News mentions

0

No linked articles in our index yet.