4.7

CVE-2026-23071

regmap: Fix race condition in hwspinlock irqsave routine

In the Linux kernel, the following vulnerability has been resolved:

regmap: Fix race condition in hwspinlock irqsave routine

Previously, the address of the shared member '&map->spinlock_flags' was
passed directly to 'hwspin_lock_timeout_irqsave'. This creates a race
condition where multiple contexts contending for the lock could overwrite
the shared flags variable, potentially corrupting the state for the
current lock owner.

Fix this by using a local stack variable 'flags' to store the IRQ state
temporarily.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 4.15 < 5.10.249
LinuxLinux Kernel Version >= 5.11 < 5.15.199
LinuxLinux Kernel Version >= 5.16 < 6.1.162
LinuxLinux Kernel Version >= 6.2 < 6.6.122
LinuxLinux Kernel Version >= 6.7 < 6.12.68
LinuxLinux Kernel Version >= 6.13 < 6.18.8
LinuxLinux Kernel Version6.19 Updaterc1
LinuxLinux Kernel Version6.19 Updaterc2
LinuxLinux Kernel Version6.19 Updaterc3
LinuxLinux Kernel Version6.19 Updaterc4
LinuxLinux Kernel Version6.19 Updaterc5
LinuxLinux Kernel Version6.19 Updaterc6
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.1% 0.01
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 4.7 1 3.6
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE-362 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

The product contains a concurrent code sequence that requires temporary, exclusive access to a shared resource, but a timing window exists in which the shared resource can be modified by another code sequence operating concurrently.

https://git.kernel.org/stable/c/24f31be6ad70537fd7706269d99c92cade465a09
Patch
https://git.kernel.org/stable/c/4aab0ca0a0f7760e33edcb4e47576064d05128f5
Patch
https://git.kernel.org/stable/c/c2d2cf710dc3ee1a69e00b4ed8de607a92a07889
Patch
https://git.kernel.org/stable/c/4b58aac989c1e3fafb1c68a733811859df388250
Patch
https://git.kernel.org/stable/c/766e243ae8c8b27087a4cc605752c0d5ee2daeab
Patch
https://git.kernel.org/stable/c/e1a7072bc4f958c9e852dc7e57e39f12b0bb44b5
Patch
https://git.kernel.org/stable/c/f1e2fe26a51eca95b41420af76d22c2e613efd5e
Patch