CVE-2026-22986Race Condition in Linux

CWE-362Race ConditionCWE-366Race Condition within a Thread6 documents6 sources
Severity
4.7MEDIUMNVD
EPSS
0.0%
top 97.05%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
LinuxLinux KernelDebian Linux
Timeline
PublishedJan 23

Description

In the Linux kernel, the following vulnerability has been resolved: gpiolib: fix race condition for gdev->srcu If two drivers were calling gpiochip_add_data_with_key(), one may be traversing the srcu-protected list in gpio_name_to_desc(), meanwhile other has just added its gdev in gpiodev_add_to_list_unlocked(). This creates a non-mutexed and non-protected timeframe, when one instance is dereferencing and using &gdev->srcu, before the other has initialized it, resulting in crash: [ 4.935481]

CVSS vector

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.0 | Impact: 3.6

Affected Packages4 packages

NVDlinux/linux_kernel6.96.18.6+1
Debianlinux/linux_kernel< 6.18.8-1
CVEListV5linux/linux47d8b4c1d868148c8fb51b785a89e58ca2d02c4dfb674c8f1a5d8dd3113a7326030f963fa2d79c02+2
debiandebian/linux< linux 6.18.8-1 (forky)

Patches

Patch: git.kernel.orgPatch: git.kernel.org

🔴Vulnerability Details

2
OSV
CVE-2026-22986: In the Linux kernel, the following vulnerability has been resolved: gpiolib: fix race condition for gdev->srcu If two drivers were calling gpiochip_ad2026-01-23
GHSA
GHSA-c2vw-8m72-w2vh: In the Linux kernel, the following vulnerability has been resolved: gpiolib: fix race condition for gdev->srcu If two drivers were calling gpiochip_2026-01-23

📋Vendor Advisories

2
Red Hat
kernel: Linux kernel: Denial of Service due to a race condition in gpiolib2026-01-23
Debian
CVE-2026-22986: linux - In the Linux kernel, the following vulnerability has been resolved: gpiolib: fi...2026

🕵️Threat Intelligence

1
Wiz
CVE-2026-22986 Impact, Exploitability, and Mitigation Steps | Wiz
CVE-2026-22986 — Race Condition in Linux | cvebase