CVE-2026-23138

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A flaw exists in the Linux kernel related to kernel stack trace recording. An infinite recursion could occur when tracing RCU events with the kernel stack trace trigger enabled, as the stack trace code called back into RCU, which then called the stack trace again. The issue was addressed by expanding ftrace recursion protection to include a set of bits to prevent recursion from events, utilizing the interrupt context for protection. This fix specifically addresses the tracing stack trace side of the problem, with a separate fix planned for the RCU code.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

AZL-77703

CVE-2026-23138

ECHO-907D-6F02-0FA5

OESA-2026-1569

OESA-2026-1759

OESA-2026-1760

OESA-2026-1761

OPENSUSE-SU-2026:20572-1

SUSE-SU-2026:21237-1

SUSE-SU-2026:21352-1

SUSE-SU-2026:21361-1

Affected Products

Linux Kernel

CVE-2026-23138

Related Identifiers

Affected Products

References · 282