CVE-2026-23052: Uncontrolled Resource Consumption in Linux

Severity: 5.5 MEDIUM (No vector)
EPSS: 0.0% (top 92.34%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline: Published Feb 4

Description

In the Linux kernel, the following vulnerability has been resolved:

ftrace: Do not over-allocate ftrace memory

The pg_remaining calculation in ftrace_process_locs() assumes that ENTRIES_PER_PAGE multiplied by 2^order equals the actual capacity of the allocated page group. However, ENTRIES_PER_PAGE is PAGE_SIZE / ENTRY_SIZE (integer division). When PAGE_SIZE is not a multiple of ENTRY_SIZE (e.g. 4096 / 24 = 170 with remainder 16), high-order allocations (like 256 pages) have significantly more

Affected Packages (4 packages)

Linux: linux/linux_kernel, 6.15.0, 6.18.7
Debian: linux/linux_kernel, < 6.18.8-1
CVEListV5: linux/linux, 4a3efc6baff931da9a85c6d2e42c87bd9a827399, 9aef476717994e96dadfb359641c4b82b521aa36, +2
debian: debian/linux, < linux 6.18.8-1 (forky)

🔴 Vulnerability Details (3)

GHSA: GHSA-qvpg-9fvc-x6cv: In the Linux kernel, the following vulnerability has been resolved: ftrace: Do not over-allocate ftrace memory The pg_remaining calculation in ftrac (2026-02-04)
OSV: CVE-2026-23052: In the Linux kernel, the following vulnerability has been resolved: ftrace: Do not over-allocate ftrace memory The pg_remaining calculation in ftrace_ (2026-02-04)
OSV: ftrace: Do not over-allocate ftrace memory (2026-02-04)

📋 Vendor Advisories (2)

Red Hat: kernel: ftrace: Do not over-allocate ftrace memory (2026-02-04)
Debian: CVE-2026-23052: linux - In the Linux kernel, the following vulnerability has been resolved: ftrace: Do ... (2026)

🕵️Threat Intelligence

1
Wiz: CVE-2026-23052 Impact, Exploitability, and Mitigation Steps | Wiz