CVE-2026-23435

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The Linux kernel contained a flaw in the perf/x86 subsystem related to event pointer handling within the x86 pmu enable() function. A NULL pointer dereference could occur in the PMU NMI handler, leading to a kernel crash. This was triggered by a mismatch between the active mask and the events array, specifically when an event was stopped and then rescheduled. The root cause was identified as a code change that moved the assignment of event pointers, introducing a race condition where events could be marked as active without a valid pointer being assigned. A production AMD EPYC system experienced this issue, resulting in a kernel crash.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.