CVE-2026-23354

EPSS 0.02%
Veröffentlicht 25.03.2026 10:27:38
Zuletzt bearbeitet 24.04.2026 19:15:42
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
CVE-Watchlists
Login
Unerledigt
Login

x86/fred: Correct speculative safety in fred_extint()

In the Linux kernel, the following vulnerability has been resolved:

x86/fred: Correct speculative safety in fred_extint()

array_index_nospec() is no use if the result gets spilled to the stack, as
it makes the believed safe-under-speculation value subject to memory
predictions.

For all practical purposes, this means array_index_nospec() must be used in
the expression that accesses the array.

As the code currently stands, it's the wrong side of irqentry_enter(), and
'index' is put into %ebp across the function call.

Remove the index variable and reposition array_index_nospec(), so it's
calculated immediately before the array access.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 7

NVD 11 VulnDex Vulnerability Enrichment 5

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Linux ≫ Linux Kernel Version >= 6.9.1 < 6.12.77

Linux ≫ Linux Kernel Version >= 6.13 < 6.18.17

Linux ≫ Linux Kernel Version >= 6.19 < 6.19.7

Linux ≫ Linux Kernel Version6.9 Update-

Linux ≫ Linux Kernel Version7.0 Updaterc1

Linux ≫ Linux Kernel Version7.0 Updaterc2

Linux ≫ Linux Kernel Version7.0 Updaterc3

Linux ≫ Linux Kernel Version7.0 Updaterc4

Linux ≫ Linux Kernel Version7.0 Updaterc5

Linux ≫ Linux Kernel Version7.0 Updaterc6

Linux ≫ Linux Kernel Version7.0 Updaterc7

VulnDex Vulnerability Enrichment

Diese Information steht angemeldeten Benutzern zur Verfügung.

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.02%	0.034

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.8	1.8	5.9	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE-129 Improper Validation of Array Index

The product uses untrusted input when calculating or using an array index, but the product does not validate or incorrectly validates the index to ensure the index references a valid position within the array.

https://git.kernel.org/stable/c/3bc5887b0a2b06d2d9c22f1f4f8500490b3ae643

Patch

https://git.kernel.org/stable/c/e58f1a9b0677de24dcfee0b21393446ec92ff120

Patch

https://git.kernel.org/stable/c/92caa5274b99cb6729177232a029ce0dfa6c5f7b

Patch

https://git.kernel.org/stable/c/aa280a08e7d8fae58557acc345b36b3dc329d595

Patch

https://nvd.nist.gov/vuln/detail/CVE-2026-23354

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2026-23354

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2026-23354

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2026-23354