PT-2024-21464 · Linux+10 · Linux Kernel+10

Oleg Nesterov

·

Published

2024-01-23

·

Updated

2026-05-26

·

CVE-2024-26686

CVSS v3.1

5.5

Medium

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)
Description A vulnerability in the Linux kernel has been resolved. The issue is related to the do task stat() function, which can trigger a hard lockup if NR CPUS threads call it at the same time and the process has NR THREADS. This can cause the system to spin with irqs disabled for O(NR CPUS * NR THREADS) time. The fix involves changing do task stat() to use sig->stats lock to gather statistics outside of the ->siglock protected section, allowing the code to run lockless in most cases.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

DoS

Improper Locking

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-413CWE-667

Related Identifiers

ALSA-2024:5101
ALSA-2024:5102
ALSA-2025_12746
ALSA-2025_12752
ALSA-2025_12753
ALSA-2025_16880
ALT-PU-2025-12647
AZL-58704
AZL-58789
BDU:2025-07832
CESA-2024_5101
CESA-2024_5102
CVE-2024-26686
DLA-4178-1
DSA-5658-1
INFSA-2024_5101
INFSA-2024_5102
INFSA-2024_9315
OESA-2024-1617
OESA-2024-1618
OESA-2024-1647
OESA-2024-1648
OESA-2024-1649
OESA-2024-1650
RHSA-2024:10771
RHSA-2024:5101
RHSA-2024:5102
RHSA-2024:5255
RHSA-2024:6998
RHSA-2024:8613
RHSA-2024:8614
RHSA-2024:9315
RHSA-2024_5101
RHSA-2024_5102
RHSA-2024_9315
RLSA-2024:5101
RLSA-2024:5102
RXSA-2024:5101
USN-7654-1
USN-7654-2
USN-7654-3
USN-7654-4
USN-7654-5
USN-7655-1
USN-7686-1
USN-7711-1
USN-7712-1
USN-7712-2

Affected Products

Alt Linux
Almalinux
Astra Linux
Centos
Debian
Linuxmint
Linux Kernel
Red Hat
Red Os
Rocky Linux
Ubuntu