PT-2026-52262 · Linux · Linux
Published
2026-06-25
·
Updated
2026-06-25
·
CVE-2026-53166
None
No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.
In the Linux kernel, the following vulnerability has been resolved:
futex/requeue: Prevent NULL pointer dereference in remove waiter() on self-deadlock
When FUTEX CMP REQUEUE PI requeues a non-top waiter that already owns the
target PI futex, task blocks on rt mutex() returns -EDEADLK before setting
waiter->task.
The subsequent remove waiter() in rt mutex start proxy lock() dereferences
the NULL waiter->task, causing a kernel crash.
Add a self-deadlock check for non-top waiters before calling
rt mutex start proxy lock(), analogous to the top-waiter check in
futex lock pi atomic().
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Linux