CVE-2026-23025

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.18.0-rc5-00127-ga06157804399

Description The Linux kernel contains a flaw in the mm/page alloc subsystem that can lead to corruption of the per-cpu pages (pcp) structure when SMP (Symmetric Multi-Processing) is disabled. This occurs because the spinlock implementation assumes spin trylock() will always succeed in the SMP=n configuration, which is not always the case. The issue was introduced by a commit that enabled interrupts during per-cpu page allocations, creating a scenario where spin trylock() could fail unexpectedly, potentially corrupting the pcp structure. The problem is triggered when an interrupt attempts spin trylock() on the same lock while it is protected by spin lock().

Recommendations Update to version 6.18.0-rc5-00127-ga06157804399 or a later version to address this issue.