CVE-2026-23452Signal Handler Race Condition in Linux

CWE-364Signal Handler Race Condition6 documents6 sources
Severity
5.5MEDIUM
No vector
EPSS
0.0%
top 90.94%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
LinuxLinux KernelDebian Linux
Timeline
PublishedApr 3

Description

In the Linux kernel, the following vulnerability has been resolved: PM: runtime: Fix a race condition related to device removal The following code in pm_runtime_work() may dereference the dev->parent pointer after the parent device has been freed: /* Maybe the parent is now able to suspend. */ if (parent && !parent->power.ignore_children) { spin_unlock(&dev->power.lock); spin_lock(&parent->power.lock); rpm_idle(parent, RPM_ASYNC); spin_unlock(&parent->power.lock); spin_lock(&dev->power.lock

Affected Packages3 packages

Debianlinux/linux_kernel< 6.19.10-1
CVEListV5linux/linux5e928f77a09a07f9dd595bb8a489965d69a834585649b46af8b167259e8a8e4e7eb3667ce74554b5+6
debiandebian/linux< linux 6.19.10-1 (forky)

🔴Vulnerability Details

2
OSV
CVE-2026-23452: In the Linux kernel, the following vulnerability has been resolved: PM: runtime: Fix a race condition related to device removal The following code in2026-04-03
GHSA
GHSA-vxcm-6fmh-2q7q: In the Linux kernel, the following vulnerability has been resolved: PM: runtime: Fix a race condition related to device removal The following code i2026-04-03

📋Vendor Advisories

2
Red Hat
kernel: PM: runtime: Fix a race condition related to device removal2026-04-03
Debian
CVE-2026-23452: linux - In the Linux kernel, the following vulnerability has been resolved: PM: runtime...2026

🕵️Threat Intelligence

1
Wiz
CVE-2026-23452 Impact, Exploitability, and Mitigation Steps | Wiz