CVE-2026-23241

In the Linux kernel, the following vulnerability has been resolved:

audit: add missing syscalls to read class

The “at” variant of getxattr() and listxattr() are missing from the
audit read class. Calling getxattrat() or listxattrat() on a file to
read its extended attributes will bypass audit rules such as:

-w /tmp/test -p rwa -k test_rwa

The current patch adds missing syscalls to the audit read class.

More information : https://git.kernel.org/stable/c/a2e8c144299c31d3972295ed80d4cb908daf4f6f