CVE-2026-23287

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The Linux kernel’s PLIC (Platform Level Interrupt Controller) component contains a flaw where interrupt handling can freeze due to incorrect affinity settings. Specifically, the PLIC may ignore interrupt completion messages for disabled interrupts, even when the interrupt is still being handled. This can occur when the affinity setting is changed while a hart (hardware thread) is processing the interrupt. Reproducing this issue involves generating numerous interrupts (e.g., by dumping a large file to a UART) and simultaneously modifying the interrupt’s affinity setting, leading to a frozen UART port. The issue arises because the PLIC checks the enable bit instead of relying on a function that determines if the interrupt is disabled.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.