DEBIAN-CVE-2026-23052

In the Linux kernel, the following vulnerability has been resolved: ftrace: Do not over-allocate ftrace memory The pgremaining calculation in ftraceprocesslocs() assumes that ENTRIESPERPAGE multiplied by 2^order equals the actual capacity of the allocated page group. However, ENTRIESPERPAGE is PAGESIZE / ENTRYSIZE (integer division). When PAGESIZE is not a multiple of ENTRYSIZE (e.g. 4096 / 24 = 170 with remainder 16), high-order allocations (like 256 pages) have significantly more capacity than 256 * 170. This leads to pgremaining being underestimated, which in turn makes skip (derived from skipped - pgremaining) larger than expected, causing the WARN(skip != remaining) to trigger. Extra allocated pages for ftrace: 2 with 654 skipped WARNING: CPU: 0 PID: 0 at kernel/trace/ftrace.c:7295 ftraceprocesslocs+0x5bf/0x5e0 A similar problem in ftraceallocaterecords() can result in allocating too many pages. This can trigger the second warning in ftraceprocesslocs(). Extra allocated pages for ftrace WARNING: CPU: 0 PID: 0 at kernel/trace/ftrace.c:7276 ftraceprocesslocs+0x548/0x580 Use the actual capacity of a page group to determine the number of pages to allocate. Have ftraceallocatepages() return the number of allocated pages to avoid having to calculate it. Use the actual page group capacity when validating the number of unused pages due to skipped entries. Drop the definition of ENTRIESPER_PAGE since it is no longer used.