CVE-2026-23102

CWE-125Out-of-bounds ReadCWE-1307 documents7 sources
Severity
7.1HIGH
EPSS
0.0%
top 95.57%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Linux LinuxLinux Linux Kernel
Timeline
PublishedFeb 4

Description

In the Linux kernel, the following vulnerability has been resolved: arm64/fpsimd: signal: Fix restoration of SVE context When SME is supported, Restoring SVE signal context can go wrong in a few ways, including placing the task into an invalid state where the kernel may read from out-of-bounds memory (and may potentially take a fatal fault) and/or may kill the task with a SIGKILL. (1) Restoring a context with SVE_SIG_FLAG_SM set can place the task into an invalid state where SVCR.SM is set (a

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:HExploitability: 1.8 | Impact: 5.2

Affected Packages4 packages

NVDlinux/linux_kernel5.196.1.162+3
CVEListV5linux/linux85ed24dad2904f7c141911d91b7807ab02694b5e9bc3adba8c35119be80ab20217027720446742f2+4
Debianlinux< 6.1.162-1+1
Debianlinux-6.1< 6.1.162-1~deb11u1

Patches

Patch: git.kernel.orgPatch: git.kernel.orgPatch: git.kernel.org

🔴Vulnerability Details

3
OSV
CVE-2026-23102: In the Linux kernel, the following vulnerability has been resolved: arm64/fpsimd: signal: Fix restoration of SVE context When SME is supported, Restor2026-02-04
GHSA
GHSA-6992-8g76-6r5h: In the Linux kernel, the following vulnerability has been resolved: arm64/fpsimd: signal: Fix restoration of SVE context When SME is supported, Rest2026-02-04
CVEList
arm64/fpsimd: signal: Fix restoration of SVE context2026-02-04

📋Vendor Advisories

2
Red Hat
kernel: Linux kernel: Denial of Service due to incorrect SVE context restoration2026-02-04
Debian
CVE-2026-23102: linux - In the Linux kernel, the following vulnerability has been resolved: arm64/fpsim...2026

🕵️Threat Intelligence

1
Wiz
CVE-2026-23102 Impact, Exploitability, and Mitigation Steps | Wiz
CVE-2026-23102 (HIGH CVSS 7.1) | In the Linux kernel | cvebase.io