CVE-2026-23419
Circular Locking Dependency in Linux Kernel RDS TCP Component
Publication date: 2026-04-03
Last updated on: 2026-04-27
Assigner: kernel.org
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| linux | linux_kernel | 5.18 |
| linux | linux_kernel | From 6.19 (inc) to 6.19.7 (exc) |
| linux | linux_kernel | 7.0 |
| linux | linux_kernel | 7.0 |
| linux | linux_kernel | 7.0 |
| linux | linux_kernel | 7.0 |
| linux | linux_kernel | 7.0 |
| linux | linux_kernel | 7.0 |
| linux | linux_kernel | 7.0 |
| linux | linux_kernel | From 6.13 (inc) to 6.18.17 (exc) |
| linux | linux_kernel | From 6.7 (inc) to 6.12.77 (exc) |
| linux | linux_kernel | From 5.17.7 (inc) to 5.18 (exc) |
| linux | linux_kernel | From 5.18.1 (inc) to 6.6.130 (exc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-667 | The product does not properly acquire or release a lock on a resource, leading to unexpected resource state changes and behaviors. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a circular locking dependency in the Linux kernel's RDS (Reliable Datagram Sockets) TCP tuning code, specifically in the function rds_tcp_tune().
The problem occurs because the function sk_net_refcnt_upgrade() is called while holding the socket lock, and this function performs memory allocation that can trigger another lock (fs_reclaim). This creates a circular dependency between the socket lock and the fs_reclaim lock, which can lead to deadlocks.
The fix involved moving the call to sk_net_refcnt_upgrade() outside of the socket lock critical section, ensuring that the fields it modifies are not accessed concurrently, thus breaking the circular locking dependency.
How can this vulnerability impact me? :
This vulnerability can cause deadlocks in the Linux kernel when the circular locking dependency is triggered. Deadlocks can lead to system hangs or degraded performance, affecting the stability and reliability of systems running the vulnerable kernel.
What immediate steps should I take to mitigate this vulnerability?
The vulnerability is fixed by moving the sk_net_refcnt_upgrade() call outside the socket lock critical section in the Linux kernel code, specifically in the net/rds subsystem.
To mitigate this vulnerability immediately, you should update your Linux kernel to a version that includes this fix.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability involves a circular locking dependency detected in the Linux kernel's rds_tcp_tune function, which can be identified by kernel warnings about circular locking dependencies.
To detect this issue on your system, you should monitor your kernel logs for warnings similar to the following message:
- WARNING: possible circular locking dependency detected
- Details about tasks trying to acquire locks while already holding others, specifically involving rds_tcp_tune and socket locks.
You can check your kernel logs using commands such as:
- dmesg | grep -i 'circular locking dependency'
- journalctl -k | grep -i 'circular locking dependency'
These commands will help you identify if the kernel has logged any circular locking dependency warnings related to this vulnerability.