CVE-2026-23063

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The Linux kernel contains an issue related to the uacce subsystem and safe queue release. Directly calling the put queue function poses a risk because it does not guarantee that resources associated with the uacce queue have been fully released. To address this, a stop queue operation has been added for the UACCE CMD PUT Q command, deferring the put queue operation to the final resource release. Queue states are defined as UACCE Q ZOMBIE, UACCE Q INIT, and UACCE Q STARTED. A potential issue arises when executing poweroff -f in a virtualized environment while accelerators are still active, potentially causing uacce fops release and uacce remove to run concurrently. This can lead to uacce put queue within uacce fops release attempting to access a NULL ops pointer. State checks have been implemented to prevent access to freed pointers.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.