CVE-2026-23063
Severity
5.5MEDIUM
EPSS
0.0%
top 95.71%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedFeb 4
Latest updateApr 9
Description
In the Linux kernel, the following vulnerability has been resolved:
uacce: ensure safe queue release with state management
Directly calling `put_queue` carries risks since it cannot
guarantee that resources of `uacce_queue` have been fully released
beforehand. So adding a `stop_queue` operation for the
UACCE_CMD_PUT_Q command and leaving the `put_queue` operation to
the final resource release ensures safety.
Queue states are defined as follows:
- UACCE_Q_ZOMBIE: Initial state
- UACCE_Q_INIT: …
CVSS vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6
Affected Packages4 packages
▶CVEListV5linux/linux015d239ac0142ad0e26567fd890ef8d171f13709 — b457abeb5d962db88aaf60e249402fd3073dbfab+7
Patches
🔴Vulnerability Details
3GHSA▶
GHSA-q353-prfj-6jcp: In the Linux kernel, the following vulnerability has been resolved:
uacce: ensure safe queue release with state management
Directly calling `put_que↗2026-02-04
OSV▶
CVE-2026-23063: In the Linux kernel, the following vulnerability has been resolved: uacce: ensure safe queue release with state management Directly calling `put_queue↗2026-02-04