DEBIAN-CVE-2026-23106
- Source
- https://security-tracker.debian.org/tracker/CVE-2026-23106
- Import Source
- https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2026-23106.json
- JSON Data
- https://api.osv.dev/v1/vulns/DEBIAN-CVE-2026-23106
- Upstream
- Published
- 2026-02-04T17:16:21.470Z
- Modified
- 2026-02-13T04:25:24.615527Z
- Summary
- [none]
- Details
-
In the Linux kernel, the following vulnerability has been resolved: timekeeping: Adjust the leap state for the correct auxiliary timekeeper When _doajdtimex() was introduced to handle adjtimex for any timekeeper, this reference to tkcore was not updated. When called on an auxiliary timekeeper, the core timekeeper would be updated incorrectly. This gets caught by the lock debugging diagnostics because the timekeepers sequence lock gets written to without holding its associated spinlock: WARNING: include/linux/seqlock.h:226 at _doadjtimex+0x394/0x3b0, CPU#2: test/125 auxclockadj (kernel/time/timekeeping.c:2979) _dosysclockadjtime (kernel/time/posix-timers.c:1161 kernel/time/posix-timers.c:1173) dosyscall64 (arch/x86/entry/syscall64.c:63 (discriminator 1) arch/x86/entry/syscall64.c:94 (discriminator 1)) entrySYSCALL64afterhwframe (arch/x86/entry/entry64.S:131) Update the correct auxiliary timekeeper.
- References
Affected packages
Debian:14 / linux
Package
- Name
- linux
- Purl
- pkg:deb/debian/linux?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed6.18.8-1