CVE-2026-43385

EPSS 0.05%
Veröffentlicht 08.05.2026 14:21:32
Zuletzt bearbeitet 12.05.2026 14:10:27
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
CVE-Watchlists
Login
Unerledigt
Login

net: Fix rcu_tasks stall in threaded busypoll

In the Linux kernel, the following vulnerability has been resolved:

net: Fix rcu_tasks stall in threaded busypoll

I was debugging a NIC driver when I noticed that when I enable
threaded busypoll, bpftrace hangs when starting up. dmesg showed:

  rcu_tasks_wait_gp: rcu_tasks grace period number 85 (since boot) is 10658 jiffies old.
  rcu_tasks_wait_gp: rcu_tasks grace period number 85 (since boot) is 40793 jiffies old.
  rcu_tasks_wait_gp: rcu_tasks grace period number 85 (since boot) is 131273 jiffies old.
  rcu_tasks_wait_gp: rcu_tasks grace period number 85 (since boot) is 402058 jiffies old.
  INFO: rcu_tasks detected stalls on tasks:
  00000000769f52cd: .N nvcsw: 2/2 holdout: 1 idle_cpu: -1/64
  task:napi/eth2-8265  state:R  running task     stack:0     pid:48300 tgid:48300 ppid:2      task_flags:0x208040 flags:0x00004000
  Call Trace:
   <TASK>
   ? napi_threaded_poll_loop+0x27c/0x2c0
   ? __pfx_napi_threaded_poll+0x10/0x10
   ? napi_threaded_poll+0x26/0x80
   ? kthread+0xfa/0x240
   ? __pfx_kthread+0x10/0x10
   ? ret_from_fork+0x31/0x50
   ? __pfx_kthread+0x10/0x10
   ? ret_from_fork_asm+0x1a/0x30
   </TASK>

The cause is that in threaded busypoll, the main loop is in
napi_threaded_poll rather than napi_threaded_poll_loop, where the
latter rarely iterates more than once within its loop. For
rcu_softirq_qs_periodic inside napi_threaded_poll_loop to report its
qs state, the last_qs must be 100ms behind, and this can't happen
because napi_threaded_poll_loop rarely iterates in threaded busypoll,
and each time napi_threaded_poll_loop is called last_qs is reset to
latest jiffies.

This patch changes so that in threaded busypoll, last_qs is saved
in the outer napi_threaded_poll, and whether busy_poll_last_qs
is NULL indicates whether napi_threaded_poll_loop is called for
busypoll. This way last_qs would not reset to latest jiffies on
each invocation of napi_threaded_poll_loop.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 5

CNA 2 VulnDex Vulnerability Enrichment 11

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

HerstellerLinux

≫

Produkt Linux

Default Statusunaffected

Version c18d4b190a46651726c9a952667c74d2deb33c28

Version < 52459201d0df3fdbb1d281738b7b772e2cacb49c

Status affected

Version c18d4b190a46651726c9a952667c74d2deb33c28

Version < 1a86a1f7d88996085934139fa4c063b6299a2dd3

Status affected

HerstellerLinux

≫

Produkt Linux

Default Statusaffected

Version 6.19

Status affected

Version 0

Version < 6.19

Status unaffected

Version <= 6.19.*

Version 6.19.9

Status unaffected

Version <= *

Version 7.0

Status unaffected

VulnDex Vulnerability Enrichment

Diese Information steht angemeldeten Benutzern zur Verfügung.

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.05%	0.164

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
416baaa9-dc9f-4396-8d5f-8c081fb06d67	7.5	3.9	3.6	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Es wurden noch keine Informationen zu CWE veröffentlicht.

https://git.kernel.org/stable/c/52459201d0df3fdbb1d281738b7b772e2cacb49c

https://git.kernel.org/stable/c/1a86a1f7d88996085934139fa4c063b6299a2dd3

https://nvd.nist.gov/vuln/detail/CVE-2026-43385

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2026-43385

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2026-43385

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2026-43385