CVE-2026-23047Deadlock in Linux

CWE-833Deadlock23 documents7 sources
Severity
7.8HIGHOSV
No vector
EPSS
0.0%
top 89.29%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
4
LinuxLinux KernelDebian Linux+1 more
Timeline
PublishedFeb 4
Latest updateApr 13

Description

In the Linux kernel, the following vulnerability has been resolved: libceph: make calc_target() set t->paused, not just clear it Currently calc_target() clears t->paused if the request shouldn't be paused anymore, but doesn't ever set t->paused even though it's able to determine when the request should be paused. Setting t->paused is left to __submit_request() which is fine for regular requests but doesn't work for linger requests -- since __submit_request() doesn't operate on linger requests,

Affected Packages6 packages

Linuxlinux/linux_kernel4.7.05.10.248+5
Debianlinux/linux_kernel< 5.10.249-1+3
Ubuntulinux/linux_kernel< 5.15.0-173.183
CVEListV5linux/linux922dab6134178cae317ae00de86376cba59f31472b3329b3c29d9e188e40d902d5230c2d5989b940+7
debiandebian/linux< linux 6.1.162-1 (bookworm)

🔴Vulnerability Details

10
OSV
linux-raspi vulnerabilities2026-04-01
OSV
linux-intel-iot-realtime vulnerabilities2026-03-23
OSV
linux-nvidia-tegra-igx vulnerabilities2026-03-23
OSV
linux-realtime vulnerabilities2026-03-17
OSV
linux-aws-5.15, linux-gcp-5.15, linux-gke, linux-hwe-5.15, linux-intel-iotg-5.15, linux-lowlatency-hwe-5.15, linux-oracle-5.15 vulnerabilities2026-03-17

📋Vendor Advisories

11
Ubuntu
Linux kernel (Azure) vulnerabilities2026-04-13
Ubuntu
Linux kernel (Azure FIPS) vulnerabilities2026-04-09
Ubuntu
Linux kernel (Raspberry Pi) vulnerabilities2026-04-01
Ubuntu
Linux kernel (Intel IoTG Real-time) vulnerabilities2026-03-23
Ubuntu
Linux kernel (NVIDIA Tegra IGX) vulnerabilities2026-03-23

🕵️Threat Intelligence

1
Wiz
CVE-2026-23047 Impact, Exploitability, and Mitigation Steps | Wiz
CVE-2026-23047 — Deadlock in Linux | cvebase