DEBIAN-CVE-2026-23193

In the Linux kernel, the following vulnerability has been resolved:  scsi: target: iscsi: Fix use-after-free in iscsitdecsessionusagecount()  In iscsitdecsessionusagecount(), the function calls complete() while holding the sess->sessionusagelock. Similar to the connection usage count logic, the waiter signaled by complete() (e.g., in the session release path) may wake up and free the iscsitsession structure immediately.  This creates a race condition where the current thread may attempt to execute spinunlockbh() on a session structure that has already been deallocated, resulting in a KASAN slab-use-after-free.  To resolve this, release the sessionusage_lock before calling complete() to ensure all dereferences of the sess pointer are finished before the waiter is allowed to proceed with deallocation.