CVE-2026-23374

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 7.0.0-rc1lblk+ #84

Description The Linux kernel's blktrace component contains an issue where this cpu read() and this cpu write() are used in a preemptible context. Specifically, tracing record cmdline() utilizes these functions on the per-CPU variable trace cmdline save, but does not ensure preemption is disabled. This occurs when calling tracing record cmdline(current) early in the blk tracer path, before ring buffer reservation. This can lead to a kernel bug, as observed in testing with blktrace/002, resulting in a crash. The issue affects multiple paths including blk add trace plug(), blk add trace unplug(), and blk add trace rq().

Recommendations Update to a version of the Linux kernel that addresses this issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.