CVE-2026-23014

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The Linux kernel contains an issue where a swevent hrtimer may not be properly destroyed. A change to hrtimer try to cancel() in perf swevent cancel hrtimer() could leave the hrtimer active even after the event is freed. This is addressed by ensuring a full hrtimer cancel() is performed on the free path by installing a perf event::destroy handler.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.