DEBIAN-CVE-2026-23415

In the Linux kernel, the following vulnerability has been resolved:  futex: Fix UaF between futexkeytonodeopt() and vmareplacepolicy()  During futexkeytonodeopt() execution, vma->vmpolicy is read under speculative mmap lock and RCU. Concurrently, mbind() may call vmareplacepolicy() which frees the old mempolicy immediately via kmemcachefree().  This creates a race where futexkeytonode() dereferences a freed mempolicy pointer, causing a use-after-free read of mpol->mode.  [  151.412631] BUG: KASAN: slab-use-after-free in futexkeytonode (kernel/futex/core.c:349) [  151.414046] Read of size 2 at addr ffff888001c49634 by task e/87  [  151.415969] Call Trace:  [  151.416732]  asanload2 (mm/kasan/generic.c:271) [  151.416777]  _futexkeytonode (kernel/futex/core.c:349) [  151.416822]  getfutexkey (kernel/futex/core.c:374 kernel/futex/core.c:386 kernel/futex/core.c:593)  Fix by adding rcu to _mpolput().