CVE-2026-43292

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description When CONFIG PAGE OWNER is enabled, freeing KASAN shadow pages during vmalloc cleanup triggers expensive stack unwinding that acquires RCU read locks. Processing a large purge list without rescheduling can cause a task to hold the CPU for extended periods, leading to RCU stalls and potential Out-Of-Memory (OOM) conditions. This occurs in the purge vmap node() and kasan release vmalloc node() functions, where iterating through numerous vmap area entries and freeing associated shadow pages creates an unbounded RCU critical section because each call to kasan release vmalloc() triggers save stack() for page owner tracking.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.