CVE-2026-23285

Severity CVSS v4.0: Pending analysis
Type: Unavailable / Other
Publication date: 25/03/2026
Last modified: 25/03/2026

Description

In the Linux kernel, the following vulnerability has been resolved:

drbd: fix null-pointer dereference on local read error

In drbd_request_endio(), READ_COMPLETED_WITH_ERROR is passed to
__req_mod() with a NULL peer_device:

    __req_mod(req, what, NULL, &m);

The READ_COMPLETED_WITH_ERROR handler then unconditionally passes this
NULL peer_device to drbd_set_out_of_sync(), which dereferences it,
causing a null-pointer dereference.

Fix this by obtaining the peer_device via first_peer_device(device),
matching how drbd_req_destroy() handles the same situation.

Impact