CVE-2026-23052

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The issue relates to an over-allocation of memory within the ftrace functionality of the Linux kernel. The pg remaining calculation in the ftrace process locs() function incorrectly assumes that ENTRIES PER PAGE multiplied by 2 raised to the power of order equals the actual capacity of the allocated page group. This assumption is flawed when PAGE SIZE is not a multiple of ENTRY SIZE, leading to an underestimation of pg remaining. Consequently, the skip value, derived from skipped - pg remaining, becomes larger than expected, triggering a warning (WARN(skip != remaining)). A similar problem exists in the ftrace allocate records() function, potentially resulting in the allocation of an excessive number of pages. The issue manifests as warnings during operation, specifically at kernel/trace/ftrace.c:7295 and kernel/trace/ftrace.c:7276. The resolution involves using the actual capacity of the page group to determine the number of pages to allocate, having ftrace allocate pages() return the number of allocated pages, utilizing the actual page group capacity for validation, and removing the definition of ENTRIES PER PAGE.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.