CVE-2026-31555

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description An issue exists in the futex subsystem where the futex lock pi() retry path fails to clear a stale exiting pointer. When futex lock pi atomic() detects that an owner is exiting, it returns -EBUSY and stores a refcounted task pointer in the exiting variable. After wait for owner exiting() consumes this reference, the local pointer is not reset to nil. If a subsequent retry occurs and futex lock pi atomic() returns a different error, such as -EAGAIN, the stale pointer is passed to wait for owner exiting(), potentially leading to a kernel warning.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.