CVE-2026-23014
- Source
- https://cve.org/CVERecord?id=CVE-2026-23014
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-23014.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2026-23014
- Downstream
- Published
- 2026-01-28T14:24:44.189Z
- Modified
- 2026-04-02T13:11:44.545181Z
- Summary
- perf: Ensure swevent hrtimer is properly destroyed
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
perf: Ensure swevent hrtimer is properly destroyed
With the change to hrtimertrytocancel() in perfsweventcancelhrtimer() it appears possible for the hrtimer to still be active by the time the event gets freed.
Make sure the event does a full hrtimercancel() on the free path by installing a perfevent::destroy handler.
- Database specific
{ "cna_assigner": "Linux", "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/23xxx/CVE-2026-23014.json" }- References
-
- https://git.kernel.org/stable/c/deee9dfb111ab00f9dfd46c0c7e36656b80f5235
- https://git.kernel.org/stable/c/ff5860f5088e9076ebcccf05a6ca709d5935cfa9
- https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/23xxx/CVE-2026-23014.json
- https://nvd.nist.gov/vuln/detail/CVE-2026-23014
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introducedeb3182ef0405ff2f6668fd3e5ff9883f60ce8801Fixeddeee9dfb111ab00f9dfd46c0c7e36656b80f5235Fixedff5860f5088e9076ebcccf05a6ca709d5935cfa9
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedLast affected6b8c512811644cf2f5eaf6f44e928683c54127f0