cve 2026-23348

CVE-2026-23348 is a Linux kernel race condition in the nvdimm_bus object during NVDIMM object creation, specifically in the CXL path. This concurrency bug affects the subsystem responsible for persistent memory enumeration and device lifecycle handling, occurring when the system builds or registers memory-related objects. The vulnerability sits at the intersection of device discovery and persistent memory, making it significant for systems using NVDIMMs. While the flaw is in the Linux kernel, it is relevant to Windows users running virtualized or dual-boot environments where such memory devices are used. Discussions on WindowsForum.com focus on understanding the technical details and implications for platform reliability.