CVE-2026-23102

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The Linux kernel contains a flaw in the arm64/fpsimd component related to the restoration of SVE context when SME is supported. Restoring SVE signal context can lead to an invalid state, potentially causing out-of-bounds memory reads or a SIGKILL signal to the task. Specifically, restoring a context with SVE SIG FLAG SM set can result in the kernel reading from out-of-bounds memory. Additionally, restoring a context with SVE SIG FLAG SM clear may leave the task unexpectedly in streaming mode with inconsistent register state. These issues can occur in unusual scenarios involving userspace modification of SVE signal context or the use of ptrace. The issue does not expose secrets, and any attempts to access streaming SVE registers at EL0 will be trapped.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.