CVE-2026-23127

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The Linux kernel contains an issue related to reference counting within the perf subsystem. Specifically, a warning occurs when incrementing the mmap count of a perf event. This happens when creating a group member event with the PERF FLAG FD OUTPUT flag after the group leader has been mapped. The issue arises because perf mmap rb() attempts to increment event->mmap count when it is already zero, leading to a use-after-free warning. The problem is triggered by a specific sequence of system calls involving perf event open and mmap. The root cause is that the output event is copied in perf event set output(), setting event->rb, which then leads to the problematic increment in perf mmap rb(). The fix prevents the increment when event->mmap count is zero, also preventing multiple events from updating the same user page.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.