CVE-2026-23294Signal Handler Race Condition in Linux

CWE-364Signal Handler Race Condition7 documents6 sources
Severity
7.0HIGHNVD
EPSS
0.0%
top 97.91%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
LinuxLinux KernelDebian Linux
Timeline
PublishedMar 25

Description

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix race in devmap on PREEMPT_RT On PREEMPT_RT kernels, the per-CPU xdp_dev_bulk_queue (bq) can be accessed concurrently by multiple preemptible tasks on the same CPU. The original code assumes bq_enqueue() and __dev_flush() run atomically with respect to each other on the same CPU, relying on local_bh_disable() to prevent preemption. However, on PREEMPT_RT, local_bh_disable() only calls migrate_disable() (when PREEMPT_R

CVSS vector

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.0 | Impact: 5.9

Affected Packages4 packages

Linuxlinux/linux_kernel6.18.06.18.17+1
Debianlinux/linux_kernel< 6.19.8-1
CVEListV5linux/linux3253cb49cbad4772389d6ef55be75db1f97da9106c10b019785dc282c5f45d21e4a3f468b8fd6476+3
debiandebian/linux< linux 6.19.8-1 (forky)

🔴Vulnerability Details

3
OSV
bpf: Fix race in devmap on PREEMPT_RT2026-03-25
GHSA
GHSA-4h26-3w83-pfh6: In the Linux kernel, the following vulnerability has been resolved: bpf: Fix race in devmap on PREEMPT_RT On PREEMPT_RT kernels, the per-CPU xdp_dev2026-03-25
OSV
CVE-2026-23294: In the Linux kernel, the following vulnerability has been resolved: bpf: Fix race in devmap on PREEMPT_RT On PREEMPT_RT kernels, the per-CPU xdp_dev_b2026-03-25

📋Vendor Advisories

2
Red Hat
kernel: bpf: Fix race in devmap on PREEMPT_RT2026-03-25
Debian
CVE-2026-23294: linux - In the Linux kernel, the following vulnerability has been resolved: bpf: Fix ra...2026

🕵️Threat Intelligence

1
Wiz
CVE-2026-23294 Impact, Exploitability, and Mitigation Steps | Wiz