PT-2026-27719 · Linux · Linux Kernel

Published: 2026-01-01 · Updated: 2026-03-27 · CVE-2026-23354

CVSS v3.1: 7.8 (High)

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Linux kernel (affected versions not specified)

Description

A flaw exists in the Linux kernel's x86/fred component concerning speculation safety in the fred_extint() function. array_index_nospec() did not protect the array access, because the calculated index was stored on the stack, which leaves the value subject to memory prediction. The cause was the placement of array_index_nospec() relative to the array access: the access takes place after irqentry_enter(), with the index variable held in %ebp across the function call. The fix computes array_index_nospec() immediately before the array access and removes the index variable.

Recommendations

At the moment, there is no information about a newer version that contains a fix for this vulnerability.
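
The placement issue from the Description, as an added userspace illustration in C; it is not the kernel's source and not part of the original advisory. The handler table, `enter_stub()`, `clamp_nospec()` and both `dispatch_*` functions are hypothetical names that model the masking idea behind array_index_nospec(), and gcc or clang is assumed.

```c
#include <limits.h>
#define NR_HANDLERS 4UL            /* constructed table size, not a kernel constant */

typedef int (*handler_t)(void);
static int h0(void) { return 10; } static int h1(void) { return 11; }
static int h2(void) { return 12; } static int h3(void) { return 13; }
static handler_t table[NR_HANDLERS] = { h0, h1, h2, h3 };

/* All ones when idx < size, zero otherwise, computed without a branch.
 * Assumes arithmetic right shift of negative longs (gcc, clang). */
static unsigned long index_mask(unsigned long idx, unsigned long size)
{
	return (unsigned long)(~(long)(idx | (size - 1UL - idx)) >>
			       (sizeof(long) * CHAR_BIT - 1));
}

static unsigned long clamp_nospec(unsigned long idx, unsigned long size)
{
	unsigned long mask = index_mask(idx, size);
	__asm__ volatile("" : "+r"(mask));   /* stop the compiler folding the mask away */
	return idx & mask;
}

/* Hypothetical stand-in for a call made between the bounds check and the table access. */
static volatile int entered;
__attribute__((noinline)) static void enter_stub(void) { entered++; }

/* Before: the clamped index is live across the call, so it may be saved to
 * the stack and reloaded; the reloaded value is open to memory prediction. */
static int dispatch_before(unsigned long vec)
{
	unsigned long index = clamp_nospec(vec, NR_HANDLERS);
	if (vec >= NR_HANDLERS)
		return -1;
	enter_stub();
	return table[index]();
}

/* After: no index variable; the clamp is part of the access expression. */
static int dispatch_after(unsigned long vec)
{
	if (vec >= NR_HANDLERS)
		return -1;
	enter_stub();
	return table[clamp_nospec(vec, NR_HANDLERS)]();
}

int main(void) { return dispatch_before(2) == dispatch_after(2) ? 0 : 1; }
```

Both functions return the same results architecturally; the difference is only in where the clamped value lives while the call runs, which is why the defect is visible in the generated assembly rather than in functional tests.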

Exploit

Weakness Enumeration

Improper Validation of Array Index

Related Identifiers

CVE-2026-23354
OPENSUSE-SU-2026:20826-1
SUSE-SU-2026:21841-1
SUSE-SU-2026:21845-1
SUSE-SU-2026:21860-1
SUSE-SU-2026:2217-1
SUSE-SU-2026:2238-1

Affected Products

Linux Kernel