CVE-2026-23014
BaseFortify
Publication date: 2026-01-28
Last updated on: 2026-04-27
Assigner: kernel.org
Description
CVSS Scores
EPSS Scores
| Metric | Value |
|---|---|
| Probability | |
| Percentile | |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| linux | linux_kernel | 6.19 |
| linux | linux_kernel | 6.18 |
| linux | linux_kernel | From 6.17.8 (inc) to 6.18 (exc) |
| linux | linux_kernel | From 6.18.1 (inc) to 6.18.6 (exc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-UNKNOWN | |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability in the Linux kernel relates to the perf subsystem's handling of high-resolution timers (hrtimers) in swevent. Specifically, after a change to the function hrtimer_try_to_cancel() within perf_swevent_cancel_hrtimer(), it became possible for the hrtimer to remain active even when the associated event is freed. The fix ensures that the event fully cancels the hrtimer during the free path by adding a perf_event::destroy handler to properly destroy the swevent hrtimer.
How can this vulnerability impact me?
If the hrtimer is not properly destroyed when the event is freed, it could lead to use-after-free conditions or other timing-related issues in the kernel's perf subsystem. This might cause system instability, crashes, or potential security risks due to improper resource management.
What immediate steps should I take to mitigate this vulnerability?
Apply the patch or update to the Linux kernel version that includes the fix for this vulnerability, which ensures the swevent hrtimer is properly destroyed by installing a perf_event::destroy handler and performing a full hrtimer_cancel() on the free path.