CVE-2026-23207 — Race Condition in Linux
Severity
4.7MEDIUMNVD
EPSS
0.0%
top 97.64%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedFeb 14
Latest updateApr 13
Description
In the Linux kernel, the following vulnerability has been resolved:
spi: tegra210-quad: Protect curr_xfer check in IRQ handler
Now that all other accesses to curr_xfer are done under the lock,
protect the curr_xfer NULL check in tegra_qspi_isr_thread() with the
spinlock. Without this protection, the following race can occur:
CPU0 (ISR thread) CPU1 (timeout path)
---------------- -------------------
if (!tqspi->curr_xfer)
// sees non-NULL
spin_lock()
tqspi->curr_xfer = NULL
spin_unlock()
handl…
CVSS vector
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.0 | Impact: 3.6
Affected Packages3 packages
▶CVEListV5linux/linux551060efb156c50fe33799038ba8145418cfdeef — 84e926c1c272a35ddb9b86842d32fa833a60dfc7+8
Patches
🔴Vulnerability Details
3GHSA▶
GHSA-5xf5-gq7p-jfx7: In the Linux kernel, the following vulnerability has been resolved:
spi: tegra210-quad: Protect curr_xfer check in IRQ handler
Now that all other ac↗2026-02-14
OSV▶
CVE-2026-23207: In the Linux kernel, the following vulnerability has been resolved: spi: tegra210-quad: Protect curr_xfer check in IRQ handler Now that all other acce↗2026-02-14