PT-2026-8207 · Linux · Linux Kernel

Syzbot · Published 2026-01-01 · Updated 2026-03-13 · CVE-2026-23199

CVSS v3.1: 5.5 Medium

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions

Linux kernel (affected versions not specified)

Description

The Linux kernel contained a flaw in the procfs implementation related to fetching build IDs while holding a VMA lock. Specifically, the issue stemmed from the PROCMAP_QUERY operation, which could lead to a deadlock when attempting to acquire locks in a specific order across multiple CPUs. The problem was exacerbated by a recent change that used kernel read() in a sleepable context. The fix involves modifying the build ID parsing process to avoid the deadlock by fetching the optional build ID only after releasing the necessary locks. The vulnerability could be triggered through the procfs procmap ioctl function.

Recommendations

At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Improper Locking

Weakness Enumeration

Related Identifiers

CVE-2026-23199

Affected Products

Linux Kernel