drbd: fix "LOGIC BUG" in drbd_al_begin_io_nonblock() — CVE-2026-23356

Summary

Advisory CVE-2026-23356. drbd: fix "LOGIC BUG" in drbd_al_begin_io_nonblock() Vendor: Microsoft. Source: MSRC. Threat: medium. CVSS 6.3. See the official advisory for details.

What to do

General, cautious steps (verify details in the official source):

• Review exposure and plan remediation based on risk and environment.
• Identify affected product versions in your inventory and verify whether you are impacted.
• Apply vendor patches/updates or recommended mitigations as soon as available.
• Read the official advisory for exact affected versions and remediation steps.

Official advisory

Read the official source

Related advisories

• token leak with redirect and netrc CVE-2026-3783
• A stack use-after-return flaw in SIG(0) handling code may enable ACL bypass CVE-2026-3591
• Authenticated query containing a TKEY record may cause named to terminate unexpectedly CVE-2026-3119
• Picomatch: Method Injection in POSIX Character Classes causes incorrect Glob Matching CVE-2026-33672
• python-ecdsa: Denial of Service via improper DER length validation in crafted private keys CVE-2026-33936
• Requests has Insecure Temp File Reuse in its extract_zipped_paths() utility function CVE-2026-25645
• etcd: Nested etcd transactions bypass RBAC authorization checks CVE-2026-33343
• Microsoft Edge (Chromium-based) Defense in Depth Vulnerability CVE-2026-32187
• Binutils: out-of-bounds read in xcoff relocation processing in gnu binutils bfd library CVE-2026-4647
• icmp: fix NULL pointer dereference in icmp_tag_validation() CVE-2026-23398
• Mariner CVE-2026-34085
• nfnetlink_osf: validate individual option lengths in fingerprints CVE-2026-23397