IM
IronMonkey Threat Research

CVE-2026-23271 HIGH

Published: 2026-03-20 | Last Modified: 2026-07-14 | Status: Modified

Description

In the Linux kernel, the following vulnerability has been resolved: perf: Fix __perf_event_overflow() vs perf_remove_from_context() race Make sure that __perf_event_overflow() runs with IRQs disabled for all possible callchains. Specifically the software events can end up running it with only preemption disabled. This opens up a race vs perf_event_exit_event() and friends that will go and free various things the overflow path expects to be present, like the BPF program.

Additional Descriptions (1)

En el kernel de Linux, la siguiente vulnerabilidad ha sido resuelta: perf: Corrección de la condición de carrera entre __perf_event_overflow() y perf_remove_from_context() Asegurar que __perf_event_overflow() se ejecute con las IRQ deshabilitadas para todas las cadenas de llamadas posibles. Específicamente, los eventos de software pueden terminar ejecutándolo con solo la preemption deshabilitada. Esto abre una condición de carrera frente a perf_event_exit_event() y funciones relacionadas que liberarán varias cosas que la ruta de desbordamiento espera que estén presentes, como el programa BPF.

CVSS Metrics

Base Score: 7.8 (HIGH)

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Attack VectorLOCAL
Attack ComplexityLOW
Privileges RequiredLOW
User InteractionNONE
ScopeUNCHANGED
Confidentiality ImpactHIGH
Integrity ImpactHIGH
Availability ImpactHIGH

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Type: Secondary

Exploitability Score: 1.8

Impact Score: 5.9

Weaknesses

Source Type Description
[email protected] Primary
en CWE-362

Affected Products

Vendor Product Version Update Type
linux linux_kernel * <built-in method update of dict object at 0x702bde165a80> Operating System
linux linux_kernel * <built-in method update of dict object at 0x702b83f2f880> Operating System
linux linux_kernel * <built-in method update of dict object at 0x702bde164700> Operating System
linux linux_kernel * <built-in method update of dict object at 0x702ba6edb940> Operating System
linux linux_kernel * <built-in method update of dict object at 0x702bde166a00> Operating System
linux linux_kernel 7.0 <built-in method update of dict object at 0x702bde164280> Operating System

Affected Configurations

Operator: OR

Vulnerable CPE
Yes cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Yes cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Yes cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Yes cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Yes cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Yes cpe:2.3:o:linux:linux_kernel:7.0:rc1:*:*:*:*:*:*

References

Notification
Message here