Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2026-46272 (GCVE-0-2026-46272)
Vulnerability from cvelistv5 – Published: 2026-06-03 15:50 – Updated: 2026-06-03 15:50
VLAI
EPSS
Title
coresight: tmc-etr: Fix race condition between sysfs and perf mode
Summary
In the Linux kernel, the following vulnerability has been resolved:
coresight: tmc-etr: Fix race condition between sysfs and perf mode
When trying to run perf and sysfs mode simultaneously, the WARN_ON()
in tmc_etr_enable_hw() is triggered sometimes:
WARNING: CPU: 42 PID: 3911571 at drivers/hwtracing/coresight/coresight-tmc-etr.c:1060 tmc_etr_enable_hw+0xc0/0xd8 [coresight_tmc]
[..snip..]
Call trace:
tmc_etr_enable_hw+0xc0/0xd8 [coresight_tmc] (P)
tmc_enable_etr_sink+0x11c/0x250 [coresight_tmc] (L)
tmc_enable_etr_sink+0x11c/0x250 [coresight_tmc]
coresight_enable_path+0x1c8/0x218 [coresight]
coresight_enable_sysfs+0xa4/0x228 [coresight]
enable_source_store+0x58/0xa8 [coresight]
dev_attr_store+0x20/0x40
sysfs_kf_write+0x4c/0x68
kernfs_fop_write_iter+0x120/0x1b8
vfs_write+0x2c8/0x388
ksys_write+0x74/0x108
__arm64_sys_write+0x24/0x38
el0_svc_common.constprop.0+0x64/0x148
do_el0_svc+0x24/0x38
el0_svc+0x3c/0x130
el0t_64_sync_handler+0xc8/0xd0
el0t_64_sync+0x1ac/0x1b0
---[ end trace 0000000000000000 ]---
Since the enablement of sysfs mode is separeted into two critical regions,
one for sysfs buffer allocation and another for hardware enablement, it's
possible to race with the perf mode. Fix this by double check whether
the perf mode's been used before enabling the hardware in sysfs mode.
mode:
[sysfs mode] [perf mode]
tmc_etr_get_sysfs_buffer()
spin_lock(&drvdata->spinlock)
[sysfs buffer allocation]
spin_unlock(&drvdata->spinlock)
spin_lock(&drvdata->spinlock)
tmc_etr_enable_hw()
drvdata->etr_buf = etr_perf->etr_buf
spin_unlock(&drvdata->spinlock)
spin_lock(&drvdata->spinlock)
tmc_etr_enable_hw()
WARN_ON(drvdata->etr_buf) // WARN sicne etr_buf initialized at
the perf side
spin_unlock(&drvdata->spinlock)
With this fix, we retain the check for CS_MODE_PERF in get_etr_sysfs_buf.
This ensures we verify whether the perf mode's already running before we
actually allocate the buffer. Then we can save the time of
allocating/freeing the sysfs buffer if race with the perf mode.
Severity
4.7 (Medium)
Assigner
References
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Linux | Linux |
Affected:
296b01fd106e787d4463974a7f42d286a5df08cd , < 38a07194bbcddb18d77dad40ba9978d994c0b74c
(git)
Affected: 296b01fd106e787d4463974a7f42d286a5df08cd , < 6906aa70d4fc5900b954136e20e27c2be6d1acab (git) Affected: 296b01fd106e787d4463974a7f42d286a5df08cd , < e6e43e82c79c97917cbe356c07e8a6f3f982ab53 (git) |
|
| Linux | Linux |
Affected:
6.5
Unaffected: 0 , < 6.5 (semver) Unaffected: 6.18.14 , ≤ 6.18.* (semver) Unaffected: 6.19.4 , ≤ 6.19.* (semver) Unaffected: 7.0 , ≤ * (original_commit_for_fix) |
{
"containers": {
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/hwtracing/coresight/coresight-tmc-etr.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "38a07194bbcddb18d77dad40ba9978d994c0b74c",
"status": "affected",
"version": "296b01fd106e787d4463974a7f42d286a5df08cd",
"versionType": "git"
},
{
"lessThan": "6906aa70d4fc5900b954136e20e27c2be6d1acab",
"status": "affected",
"version": "296b01fd106e787d4463974a7f42d286a5df08cd",
"versionType": "git"
},
{
"lessThan": "e6e43e82c79c97917cbe356c07e8a6f3f982ab53",
"status": "affected",
"version": "296b01fd106e787d4463974a7f42d286a5df08cd",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/hwtracing/coresight/coresight-tmc-etr.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "6.5"
},
{
"lessThan": "6.5",
"status": "unaffected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.18.*",
"status": "unaffected",
"version": "6.18.14",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.19.*",
"status": "unaffected",
"version": "6.19.4",
"versionType": "semver"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "7.0",
"versionType": "original_commit_for_fix"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.18.14",
"versionStartIncluding": "6.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.19.4",
"versionStartIncluding": "6.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "7.0",
"versionStartIncluding": "6.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ncoresight: tmc-etr: Fix race condition between sysfs and perf mode\n\nWhen trying to run perf and sysfs mode simultaneously, the WARN_ON()\nin tmc_etr_enable_hw() is triggered sometimes:\n\n WARNING: CPU: 42 PID: 3911571 at drivers/hwtracing/coresight/coresight-tmc-etr.c:1060 tmc_etr_enable_hw+0xc0/0xd8 [coresight_tmc]\n [..snip..]\n Call trace:\n tmc_etr_enable_hw+0xc0/0xd8 [coresight_tmc] (P)\n tmc_enable_etr_sink+0x11c/0x250 [coresight_tmc] (L)\n tmc_enable_etr_sink+0x11c/0x250 [coresight_tmc]\n coresight_enable_path+0x1c8/0x218 [coresight]\n coresight_enable_sysfs+0xa4/0x228 [coresight]\n enable_source_store+0x58/0xa8 [coresight]\n dev_attr_store+0x20/0x40\n sysfs_kf_write+0x4c/0x68\n kernfs_fop_write_iter+0x120/0x1b8\n vfs_write+0x2c8/0x388\n ksys_write+0x74/0x108\n __arm64_sys_write+0x24/0x38\n el0_svc_common.constprop.0+0x64/0x148\n do_el0_svc+0x24/0x38\n el0_svc+0x3c/0x130\n el0t_64_sync_handler+0xc8/0xd0\n el0t_64_sync+0x1ac/0x1b0\n ---[ end trace 0000000000000000 ]---\n\nSince the enablement of sysfs mode is separeted into two critical regions,\none for sysfs buffer allocation and another for hardware enablement, it\u0027s\npossible to race with the perf mode. Fix this by double check whether\nthe perf mode\u0027s been used before enabling the hardware in sysfs mode.\n\n mode:\n [sysfs mode] [perf mode]\n tmc_etr_get_sysfs_buffer()\n spin_lock(\u0026drvdata-\u003espinlock)\n [sysfs buffer allocation]\n spin_unlock(\u0026drvdata-\u003espinlock)\n spin_lock(\u0026drvdata-\u003espinlock)\n tmc_etr_enable_hw()\n drvdata-\u003eetr_buf = etr_perf-\u003eetr_buf\n spin_unlock(\u0026drvdata-\u003espinlock)\n spin_lock(\u0026drvdata-\u003espinlock)\n tmc_etr_enable_hw()\n WARN_ON(drvdata-\u003eetr_buf) // WARN sicne etr_buf initialized at\n the perf side\n spin_unlock(\u0026drvdata-\u003espinlock)\n\nWith this fix, we retain the check for CS_MODE_PERF in get_etr_sysfs_buf.\nThis ensures we verify whether the perf mode\u0027s already running before we\nactually allocate the buffer. Then we can save the time of\nallocating/freeing the sysfs buffer if race with the perf mode."
}
],
"providerMetadata": {
"dateUpdated": "2026-06-03T15:50:14.618Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/38a07194bbcddb18d77dad40ba9978d994c0b74c"
},
{
"url": "https://git.kernel.org/stable/c/6906aa70d4fc5900b954136e20e27c2be6d1acab"
},
{
"url": "https://git.kernel.org/stable/c/e6e43e82c79c97917cbe356c07e8a6f3f982ab53"
}
],
"title": "coresight: tmc-etr: Fix race condition between sysfs and perf mode",
"x_generator": {
"engine": "bippy-1.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2026-46272",
"datePublished": "2026-06-03T15:50:14.618Z",
"dateReserved": "2026-05-13T15:03:33.109Z",
"dateUpdated": "2026-06-03T15:50:14.618Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2026-46272",
"date": "2026-06-16",
"epss": "0.00088",
"percentile": "0.00512"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2026-46272\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2026-06-03T18:16:29.023\",\"lastModified\":\"2026-06-09T19:52:47.107\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\ncoresight: tmc-etr: Fix race condition between sysfs and perf mode\\n\\nWhen trying to run perf and sysfs mode simultaneously, the WARN_ON()\\nin tmc_etr_enable_hw() is triggered sometimes:\\n\\n WARNING: CPU: 42 PID: 3911571 at drivers/hwtracing/coresight/coresight-tmc-etr.c:1060 tmc_etr_enable_hw+0xc0/0xd8 [coresight_tmc]\\n [..snip..]\\n Call trace:\\n tmc_etr_enable_hw+0xc0/0xd8 [coresight_tmc] (P)\\n tmc_enable_etr_sink+0x11c/0x250 [coresight_tmc] (L)\\n tmc_enable_etr_sink+0x11c/0x250 [coresight_tmc]\\n coresight_enable_path+0x1c8/0x218 [coresight]\\n coresight_enable_sysfs+0xa4/0x228 [coresight]\\n enable_source_store+0x58/0xa8 [coresight]\\n dev_attr_store+0x20/0x40\\n sysfs_kf_write+0x4c/0x68\\n kernfs_fop_write_iter+0x120/0x1b8\\n vfs_write+0x2c8/0x388\\n ksys_write+0x74/0x108\\n __arm64_sys_write+0x24/0x38\\n el0_svc_common.constprop.0+0x64/0x148\\n do_el0_svc+0x24/0x38\\n el0_svc+0x3c/0x130\\n el0t_64_sync_handler+0xc8/0xd0\\n el0t_64_sync+0x1ac/0x1b0\\n ---[ end trace 0000000000000000 ]---\\n\\nSince the enablement of sysfs mode is separeted into two critical regions,\\none for sysfs buffer allocation and another for hardware enablement, it\u0027s\\npossible to race with the perf mode. Fix this by double check whether\\nthe perf mode\u0027s been used before enabling the hardware in sysfs mode.\\n\\n mode:\\n [sysfs mode] [perf mode]\\n tmc_etr_get_sysfs_buffer()\\n spin_lock(\u0026drvdata-\u003espinlock)\\n [sysfs buffer allocation]\\n spin_unlock(\u0026drvdata-\u003espinlock)\\n spin_lock(\u0026drvdata-\u003espinlock)\\n tmc_etr_enable_hw()\\n drvdata-\u003eetr_buf = etr_perf-\u003eetr_buf\\n spin_unlock(\u0026drvdata-\u003espinlock)\\n spin_lock(\u0026drvdata-\u003espinlock)\\n tmc_etr_enable_hw()\\n WARN_ON(drvdata-\u003eetr_buf) // WARN sicne etr_buf initialized at\\n the perf side\\n spin_unlock(\u0026drvdata-\u003espinlock)\\n\\nWith this fix, we retain the check for CS_MODE_PERF in get_etr_sysfs_buf.\\nThis ensures we verify whether the perf mode\u0027s already running before we\\nactually allocate the buffer. Then we can save the time of\\nallocating/freeing the sysfs buffer if race with the perf mode.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":4.7,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.0,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-362\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.5\",\"versionEndExcluding\":\"6.18.14\",\"matchCriteriaId\":\"9F546B77-5B07-4E1F-838D-065C9F6E31E5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.19\",\"versionEndExcluding\":\"6.19.4\",\"matchCriteriaId\":\"672A3E79-EC03-479D-8503-361DFBDC8092\"}]}]}],\"references\":[{\"url\":\"https://git.kernel.org/stable/c/38a07194bbcddb18d77dad40ba9978d994c0b74c\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/6906aa70d4fc5900b954136e20e27c2be6d1acab\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/e6e43e82c79c97917cbe356c07e8a6f3f982ab53\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]}]}}"
}
}
FKIE_CVE-2026-46272
Vulnerability from fkie_nvd - Published: 2026-06-03 18:16 - Updated: 2026-06-09 19:52
Severity
Summary
In the Linux kernel, the following vulnerability has been resolved:
coresight: tmc-etr: Fix race condition between sysfs and perf mode
When trying to run perf and sysfs mode simultaneously, the WARN_ON()
in tmc_etr_enable_hw() is triggered sometimes:
WARNING: CPU: 42 PID: 3911571 at drivers/hwtracing/coresight/coresight-tmc-etr.c:1060 tmc_etr_enable_hw+0xc0/0xd8 [coresight_tmc]
[..snip..]
Call trace:
tmc_etr_enable_hw+0xc0/0xd8 [coresight_tmc] (P)
tmc_enable_etr_sink+0x11c/0x250 [coresight_tmc] (L)
tmc_enable_etr_sink+0x11c/0x250 [coresight_tmc]
coresight_enable_path+0x1c8/0x218 [coresight]
coresight_enable_sysfs+0xa4/0x228 [coresight]
enable_source_store+0x58/0xa8 [coresight]
dev_attr_store+0x20/0x40
sysfs_kf_write+0x4c/0x68
kernfs_fop_write_iter+0x120/0x1b8
vfs_write+0x2c8/0x388
ksys_write+0x74/0x108
__arm64_sys_write+0x24/0x38
el0_svc_common.constprop.0+0x64/0x148
do_el0_svc+0x24/0x38
el0_svc+0x3c/0x130
el0t_64_sync_handler+0xc8/0xd0
el0t_64_sync+0x1ac/0x1b0
---[ end trace 0000000000000000 ]---
Since the enablement of sysfs mode is separeted into two critical regions,
one for sysfs buffer allocation and another for hardware enablement, it's
possible to race with the perf mode. Fix this by double check whether
the perf mode's been used before enabling the hardware in sysfs mode.
mode:
[sysfs mode] [perf mode]
tmc_etr_get_sysfs_buffer()
spin_lock(&drvdata->spinlock)
[sysfs buffer allocation]
spin_unlock(&drvdata->spinlock)
spin_lock(&drvdata->spinlock)
tmc_etr_enable_hw()
drvdata->etr_buf = etr_perf->etr_buf
spin_unlock(&drvdata->spinlock)
spin_lock(&drvdata->spinlock)
tmc_etr_enable_hw()
WARN_ON(drvdata->etr_buf) // WARN sicne etr_buf initialized at
the perf side
spin_unlock(&drvdata->spinlock)
With this fix, we retain the check for CS_MODE_PERF in get_etr_sysfs_buf.
This ensures we verify whether the perf mode's already running before we
actually allocate the buffer. Then we can save the time of
allocating/freeing the sysfs buffer if race with the perf mode.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| linux | linux_kernel | * | |
| linux | linux_kernel | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9F546B77-5B07-4E1F-838D-065C9F6E31E5",
"versionEndExcluding": "6.18.14",
"versionStartIncluding": "6.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "672A3E79-EC03-479D-8503-361DFBDC8092",
"versionEndExcluding": "6.19.4",
"versionStartIncluding": "6.19",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ncoresight: tmc-etr: Fix race condition between sysfs and perf mode\n\nWhen trying to run perf and sysfs mode simultaneously, the WARN_ON()\nin tmc_etr_enable_hw() is triggered sometimes:\n\n WARNING: CPU: 42 PID: 3911571 at drivers/hwtracing/coresight/coresight-tmc-etr.c:1060 tmc_etr_enable_hw+0xc0/0xd8 [coresight_tmc]\n [..snip..]\n Call trace:\n tmc_etr_enable_hw+0xc0/0xd8 [coresight_tmc] (P)\n tmc_enable_etr_sink+0x11c/0x250 [coresight_tmc] (L)\n tmc_enable_etr_sink+0x11c/0x250 [coresight_tmc]\n coresight_enable_path+0x1c8/0x218 [coresight]\n coresight_enable_sysfs+0xa4/0x228 [coresight]\n enable_source_store+0x58/0xa8 [coresight]\n dev_attr_store+0x20/0x40\n sysfs_kf_write+0x4c/0x68\n kernfs_fop_write_iter+0x120/0x1b8\n vfs_write+0x2c8/0x388\n ksys_write+0x74/0x108\n __arm64_sys_write+0x24/0x38\n el0_svc_common.constprop.0+0x64/0x148\n do_el0_svc+0x24/0x38\n el0_svc+0x3c/0x130\n el0t_64_sync_handler+0xc8/0xd0\n el0t_64_sync+0x1ac/0x1b0\n ---[ end trace 0000000000000000 ]---\n\nSince the enablement of sysfs mode is separeted into two critical regions,\none for sysfs buffer allocation and another for hardware enablement, it\u0027s\npossible to race with the perf mode. Fix this by double check whether\nthe perf mode\u0027s been used before enabling the hardware in sysfs mode.\n\n mode:\n [sysfs mode] [perf mode]\n tmc_etr_get_sysfs_buffer()\n spin_lock(\u0026drvdata-\u003espinlock)\n [sysfs buffer allocation]\n spin_unlock(\u0026drvdata-\u003espinlock)\n spin_lock(\u0026drvdata-\u003espinlock)\n tmc_etr_enable_hw()\n drvdata-\u003eetr_buf = etr_perf-\u003eetr_buf\n spin_unlock(\u0026drvdata-\u003espinlock)\n spin_lock(\u0026drvdata-\u003espinlock)\n tmc_etr_enable_hw()\n WARN_ON(drvdata-\u003eetr_buf) // WARN sicne etr_buf initialized at\n the perf side\n spin_unlock(\u0026drvdata-\u003espinlock)\n\nWith this fix, we retain the check for CS_MODE_PERF in get_etr_sysfs_buf.\nThis ensures we verify whether the perf mode\u0027s already running before we\nactually allocate the buffer. Then we can save the time of\nallocating/freeing the sysfs buffer if race with the perf mode."
}
],
"id": "CVE-2026-46272",
"lastModified": "2026-06-09T19:52:47.107",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.0,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2026-06-03T18:16:29.023",
"references": [
{
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
],
"url": "https://git.kernel.org/stable/c/38a07194bbcddb18d77dad40ba9978d994c0b74c"
},
{
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
],
"url": "https://git.kernel.org/stable/c/6906aa70d4fc5900b954136e20e27c2be6d1acab"
},
{
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
],
"url": "https://git.kernel.org/stable/c/e6e43e82c79c97917cbe356c07e8a6f3f982ab53"
}
],
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-362"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
GHSA-V558-WF7V-XC9H
Vulnerability from github – Published: 2026-06-03 18:33 – Updated: 2026-06-09 21:32
VLAI
Details
In the Linux kernel, the following vulnerability has been resolved:
coresight: tmc-etr: Fix race condition between sysfs and perf mode
When trying to run perf and sysfs mode simultaneously, the WARN_ON() in tmc_etr_enable_hw() is triggered sometimes:
WARNING: CPU: 42 PID: 3911571 at drivers/hwtracing/coresight/coresight-tmc-etr.c:1060 tmc_etr_enable_hw+0xc0/0xd8 [coresight_tmc] [..snip..] Call trace: tmc_etr_enable_hw+0xc0/0xd8 [coresight_tmc] (P) tmc_enable_etr_sink+0x11c/0x250 [coresight_tmc] (L) tmc_enable_etr_sink+0x11c/0x250 [coresight_tmc] coresight_enable_path+0x1c8/0x218 [coresight] coresight_enable_sysfs+0xa4/0x228 [coresight] enable_source_store+0x58/0xa8 [coresight] dev_attr_store+0x20/0x40 sysfs_kf_write+0x4c/0x68 kernfs_fop_write_iter+0x120/0x1b8 vfs_write+0x2c8/0x388 ksys_write+0x74/0x108 __arm64_sys_write+0x24/0x38 el0_svc_common.constprop.0+0x64/0x148 do_el0_svc+0x24/0x38 el0_svc+0x3c/0x130 el0t_64_sync_handler+0xc8/0xd0 el0t_64_sync+0x1ac/0x1b0 ---[ end trace 0000000000000000 ]---
Since the enablement of sysfs mode is separeted into two critical regions, one for sysfs buffer allocation and another for hardware enablement, it's possible to race with the perf mode. Fix this by double check whether the perf mode's been used before enabling the hardware in sysfs mode.
mode: [sysfs mode] [perf mode] tmc_etr_get_sysfs_buffer() spin_lock(&drvdata->spinlock) [sysfs buffer allocation] spin_unlock(&drvdata->spinlock) spin_lock(&drvdata->spinlock) tmc_etr_enable_hw() drvdata->etr_buf = etr_perf->etr_buf spin_unlock(&drvdata->spinlock) spin_lock(&drvdata->spinlock) tmc_etr_enable_hw() WARN_ON(drvdata->etr_buf) // WARN sicne etr_buf initialized at the perf side spin_unlock(&drvdata->spinlock)
With this fix, we retain the check for CS_MODE_PERF in get_etr_sysfs_buf. This ensures we verify whether the perf mode's already running before we actually allocate the buffer. Then we can save the time of allocating/freeing the sysfs buffer if race with the perf mode.
Severity
4.7 (Medium)
{
"affected": [],
"aliases": [
"CVE-2026-46272"
],
"database_specific": {
"cwe_ids": [
"CWE-362"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-06-03T18:16:29Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\ncoresight: tmc-etr: Fix race condition between sysfs and perf mode\n\nWhen trying to run perf and sysfs mode simultaneously, the WARN_ON()\nin tmc_etr_enable_hw() is triggered sometimes:\n\n WARNING: CPU: 42 PID: 3911571 at drivers/hwtracing/coresight/coresight-tmc-etr.c:1060 tmc_etr_enable_hw+0xc0/0xd8 [coresight_tmc]\n [..snip..]\n Call trace:\n tmc_etr_enable_hw+0xc0/0xd8 [coresight_tmc] (P)\n tmc_enable_etr_sink+0x11c/0x250 [coresight_tmc] (L)\n tmc_enable_etr_sink+0x11c/0x250 [coresight_tmc]\n coresight_enable_path+0x1c8/0x218 [coresight]\n coresight_enable_sysfs+0xa4/0x228 [coresight]\n enable_source_store+0x58/0xa8 [coresight]\n dev_attr_store+0x20/0x40\n sysfs_kf_write+0x4c/0x68\n kernfs_fop_write_iter+0x120/0x1b8\n vfs_write+0x2c8/0x388\n ksys_write+0x74/0x108\n __arm64_sys_write+0x24/0x38\n el0_svc_common.constprop.0+0x64/0x148\n do_el0_svc+0x24/0x38\n el0_svc+0x3c/0x130\n el0t_64_sync_handler+0xc8/0xd0\n el0t_64_sync+0x1ac/0x1b0\n ---[ end trace 0000000000000000 ]---\n\nSince the enablement of sysfs mode is separeted into two critical regions,\none for sysfs buffer allocation and another for hardware enablement, it\u0027s\npossible to race with the perf mode. Fix this by double check whether\nthe perf mode\u0027s been used before enabling the hardware in sysfs mode.\n\n mode:\n [sysfs mode] [perf mode]\n tmc_etr_get_sysfs_buffer()\n spin_lock(\u0026drvdata-\u003espinlock)\n [sysfs buffer allocation]\n spin_unlock(\u0026drvdata-\u003espinlock)\n spin_lock(\u0026drvdata-\u003espinlock)\n tmc_etr_enable_hw()\n drvdata-\u003eetr_buf = etr_perf-\u003eetr_buf\n spin_unlock(\u0026drvdata-\u003espinlock)\n spin_lock(\u0026drvdata-\u003espinlock)\n tmc_etr_enable_hw()\n WARN_ON(drvdata-\u003eetr_buf) // WARN sicne etr_buf initialized at\n the perf side\n spin_unlock(\u0026drvdata-\u003espinlock)\n\nWith this fix, we retain the check for CS_MODE_PERF in get_etr_sysfs_buf.\nThis ensures we verify whether the perf mode\u0027s already running before we\nactually allocate the buffer. Then we can save the time of\nallocating/freeing the sysfs buffer if race with the perf mode.",
"id": "GHSA-v558-wf7v-xc9h",
"modified": "2026-06-09T21:32:21Z",
"published": "2026-06-03T18:33:13Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-46272"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/38a07194bbcddb18d77dad40ba9978d994c0b74c"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/6906aa70d4fc5900b954136e20e27c2be6d1acab"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/e6e43e82c79c97917cbe356c07e8a6f3f982ab53"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
MSRC_CVE-2026-46272
Vulnerability from csaf_microsoft - Published: 2026-06-02 00:00 - Updated: 2026-06-09 01:45Summary
coresight: tmc-etr: Fix race condition between sysfs and perf mode
Notes
Additional Resources: To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle
Disclaimer: The information provided in the Microsoft Knowledge Base is provided \"as is\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.
Affected products
Known not affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 17084-1 | — |
References
4 references
| URL | Category |
|---|---|
| https://msrc.microsoft.com/csaf/vex/2026/msrc_cve… | self |
| https://support.microsoft.com/lifecycle | external |
| https://www.first.org/cvss | external |
| https://msrc.microsoft.com/csaf/vex/2026/msrc_cve… | self |
{
"document": {
"category": "csaf_vex",
"csaf_version": "2.0",
"distribution": {
"text": "Public",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en-US",
"notes": [
{
"category": "general",
"text": "To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle",
"title": "Additional Resources"
},
{
"category": "legal_disclaimer",
"text": "The information provided in the Microsoft Knowledge Base is provided \\\"as is\\\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.",
"title": "Disclaimer"
}
],
"publisher": {
"category": "vendor",
"contact_details": "secure@microsoft.com",
"name": "Microsoft Security Response Center",
"namespace": "https://msrc.microsoft.com"
},
"references": [
{
"category": "self",
"summary": "CVE-2026-46272 coresight: tmc-etr: Fix race condition between sysfs and perf mode - VEX",
"url": "https://msrc.microsoft.com/csaf/vex/2026/msrc_cve-2026-46272.json"
},
{
"category": "external",
"summary": "Microsoft Support Lifecycle",
"url": "https://support.microsoft.com/lifecycle"
},
{
"category": "external",
"summary": "Common Vulnerability Scoring System",
"url": "https://www.first.org/cvss"
}
],
"title": "coresight: tmc-etr: Fix race condition between sysfs and perf mode",
"tracking": {
"current_release_date": "2026-06-09T01:45:04.000Z",
"generator": {
"date": "2026-06-09T07:01:27.261Z",
"engine": {
"name": "MSRC Generator",
"version": "1.0"
}
},
"id": "msrc_CVE-2026-46272",
"initial_release_date": "2026-06-02T00:00:00.000Z",
"revision_history": [
{
"date": "2026-06-05T01:01:42.000Z",
"legacy_version": "1",
"number": "1",
"summary": "Information published."
},
{
"date": "2026-06-09T01:45:04.000Z",
"legacy_version": "2",
"number": "2",
"summary": "Information published."
}
],
"status": "final",
"version": "2"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "3.0",
"product": {
"name": "Azure Linux 3.0",
"product_id": "17084"
}
}
],
"category": "product_name",
"name": "Azure Linux"
},
{
"category": "product_name",
"name": "azl3 kernel 0:6.6.139.1-1.azl3",
"product": {
"name": "azl3 kernel 0:6.6.139.1-1.azl3",
"product_id": "1"
}
}
],
"category": "vendor",
"name": "Microsoft"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "azl3 kernel 0:6.6.139.1-1.azl3 as a component of Azure Linux 3.0",
"product_id": "17084-1"
},
"product_reference": "1",
"relates_to_product_reference": "17084"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-46272",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"17084-1"
]
}
],
"notes": [
{
"category": "general",
"text": "Linux",
"title": "Assigning CNA"
}
],
"product_status": {
"known_not_affected": [
"17084-1"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-46272 coresight: tmc-etr: Fix race condition between sysfs and perf mode - VEX",
"url": "https://msrc.microsoft.com/csaf/vex/2026/msrc_cve-2026-46272.json"
}
],
"title": "coresight: tmc-etr: Fix race condition between sysfs and perf mode"
}
]
}
WID-SEC-W-2026-1802
Vulnerability from csaf_certbund - Published: 2026-06-04 22:00 - Updated: 2026-06-14 22:00Summary
Linux Kernel: Mehrere Schwachstellen
Severity
Hoch
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: Der Kernel stellt den Kern des Linux Betriebssystems dar.
Angriff: Ein Angreifer kann mehrere Schwachstellen im Linux Kernel ausnutzen, um einen Denial of Service Angriff durchzuführen oder nicht bekannte Auswirkungen zu erzielen.
Betroffene Betriebssysteme: - Linux
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Microsoft Azure Linux azl3
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3
|
azl3 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Microsoft Azure Linux azl3
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3
|
azl3 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Microsoft Azure Linux azl3
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3
|
azl3 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Microsoft Azure Linux azl3
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3
|
azl3 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Microsoft Azure Linux azl3
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3
|
azl3 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Microsoft Azure Linux azl3
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3
|
azl3 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Microsoft Azure Linux azl3
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3
|
azl3 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Microsoft Azure Linux azl3
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3
|
azl3 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Microsoft Azure Linux azl3
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3
|
azl3 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Microsoft Azure Linux azl3
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3
|
azl3 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Microsoft Azure Linux azl3
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3
|
azl3 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Microsoft Azure Linux azl3
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3
|
azl3 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Microsoft Azure Linux azl3
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3
|
azl3 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Microsoft Azure Linux azl3
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3
|
azl3 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Microsoft Azure Linux azl3
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3
|
azl3 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Microsoft Azure Linux azl3
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3
|
azl3 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Microsoft Azure Linux azl3
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3
|
azl3 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Microsoft Azure Linux azl3
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3
|
azl3 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Microsoft Azure Linux azl3
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3
|
azl3 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Microsoft Azure Linux azl3
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3
|
azl3 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Microsoft Azure Linux azl3
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3
|
azl3 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Microsoft Azure Linux azl3
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3
|
azl3 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Microsoft Azure Linux azl3
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3
|
azl3 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Microsoft Azure Linux azl3
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3
|
azl3 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Microsoft Azure Linux azl3
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3
|
azl3 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Microsoft Azure Linux azl3
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3
|
azl3 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Microsoft Azure Linux azl3
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3
|
azl3 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Microsoft Azure Linux azl3
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3
|
azl3 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Microsoft Azure Linux azl3
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3
|
azl3 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Microsoft Azure Linux azl3
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3
|
azl3 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Microsoft Azure Linux azl3
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3
|
azl3 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Microsoft Azure Linux azl3
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3
|
azl3 |
References
37 references
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Der Kernel stellt den Kern des Linux Betriebssystems dar.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein Angreifer kann mehrere Schwachstellen im Linux Kernel ausnutzen, um einen Denial of Service Angriff durchzuf\u00fchren oder nicht bekannte Auswirkungen zu erzielen.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2026-1802 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2026/wid-sec-w-2026-1802.json"
},
{
"category": "self",
"summary": "WID-SEC-2026-1802 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1802"
},
{
"category": "external",
"summary": "Kernel CVE Announce Mailingliste",
"url": "https://lore.kernel.org/linux-cve-announce/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-71313",
"url": "https://lore.kernel.org/linux-cve-announce/2026060332-CVE-2025-71313-bb96@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-71314",
"url": "https://lore.kernel.org/linux-cve-announce/2026060332-CVE-2025-71314-818a@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-46244",
"url": "https://lore.kernel.org/linux-cve-announce/2026060309-CVE-2026-46244-e8d7@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-46245",
"url": "https://lore.kernel.org/linux-cve-announce/2026060333-CVE-2026-46245-e1e8@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-46246",
"url": "https://lore.kernel.org/linux-cve-announce/2026060333-CVE-2026-46246-f24c@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-46247",
"url": "https://lore.kernel.org/linux-cve-announce/2026060333-CVE-2026-46247-4daa@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-46248",
"url": "https://lore.kernel.org/linux-cve-announce/2026060333-CVE-2026-46248-19f9@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-46249",
"url": "https://lore.kernel.org/linux-cve-announce/2026060334-CVE-2026-46249-ade7@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-46250",
"url": "https://lore.kernel.org/linux-cve-announce/2026060334-CVE-2026-46250-736e@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-46251",
"url": "https://lore.kernel.org/linux-cve-announce/2026060334-CVE-2026-46251-507e@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-46252",
"url": "https://lore.kernel.org/linux-cve-announce/2026060334-CVE-2026-46252-b147@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-46253",
"url": "https://lore.kernel.org/linux-cve-announce/2026060335-CVE-2026-46253-a855@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-46254",
"url": "https://lore.kernel.org/linux-cve-announce/2026060335-CVE-2026-46254-2dd0@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-46255",
"url": "https://lore.kernel.org/linux-cve-announce/2026060335-CVE-2026-46255-f3b9@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-46256",
"url": "https://lore.kernel.org/linux-cve-announce/2026060335-CVE-2026-46256-e81d@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-46257",
"url": "https://lore.kernel.org/linux-cve-announce/2026060335-CVE-2026-46257-6295@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-46258",
"url": "https://lore.kernel.org/linux-cve-announce/2026060336-CVE-2026-46258-3741@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-46259",
"url": "https://lore.kernel.org/linux-cve-announce/2026060336-CVE-2026-46259-6c94@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-46260",
"url": "https://lore.kernel.org/linux-cve-announce/2026060336-CVE-2026-46260-dc10@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-46261",
"url": "https://lore.kernel.org/linux-cve-announce/2026060336-CVE-2026-46261-9058@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-46262",
"url": "https://lore.kernel.org/linux-cve-announce/2026060337-CVE-2026-46262-cdb5@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-46263",
"url": "https://lore.kernel.org/linux-cve-announce/2026060337-CVE-2026-46263-952d@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-46264",
"url": "https://lore.kernel.org/linux-cve-announce/2026060337-CVE-2026-46264-a91c@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-46265",
"url": "https://lore.kernel.org/linux-cve-announce/2026060337-CVE-2026-46265-492c@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-46266",
"url": "https://lore.kernel.org/linux-cve-announce/2026060337-CVE-2026-46266-1e5e@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-46267",
"url": "https://lore.kernel.org/linux-cve-announce/2026060338-CVE-2026-46267-5845@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-46268",
"url": "https://lore.kernel.org/linux-cve-announce/2026060338-CVE-2026-46268-1753@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-46269",
"url": "https://lore.kernel.org/linux-cve-announce/2026060338-CVE-2026-46269-3ec0@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-46270",
"url": "https://lore.kernel.org/linux-cve-announce/2026060338-CVE-2026-46270-6800@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-46271",
"url": "https://lore.kernel.org/linux-cve-announce/2026060339-CVE-2026-46271-3f1c@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-46272",
"url": "https://lore.kernel.org/linux-cve-announce/2026060339-CVE-2026-46272-7a48@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-46273",
"url": "https://lore.kernel.org/linux-cve-announce/2026060327-CVE-2026-46273-e8d0@gregkh/"
},
{
"category": "external",
"summary": "Microsoft Security Update Guide vom 2026-06-09",
"url": "https://msrc.microsoft.com/update-guide/"
},
{
"category": "external",
"summary": "openSUSE Security Update OPENSUSE-SU-2026:11014-1 vom 2026-06-14",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/GUIIWLNGS7XPMWTUD7QE4YLQY7U22IJE/"
}
],
"source_lang": "en-US",
"title": "Linux Kernel: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2026-06-14T22:00:00.000+00:00",
"generator": {
"date": "2026-06-15T07:39:59.094+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.6.0"
}
},
"id": "WID-SEC-W-2026-1802",
"initial_release_date": "2026-06-04T22:00:00.000+00:00",
"revision_history": [
{
"date": "2026-06-04T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2026-06-09T22:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates aufgenommen"
},
{
"date": "2026-06-14T22:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von openSUSE aufgenommen"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "azl3",
"product": {
"name": "Microsoft Azure Linux azl3",
"product_id": "T049210",
"product_identification_helper": {
"cpe": "cpe:/o:microsoft:azure_linux:azl3"
}
}
}
],
"category": "product_name",
"name": "Azure Linux"
}
],
"category": "vendor",
"name": "Microsoft"
},
{
"branches": [
{
"category": "product_name",
"name": "Open Source Linux Kernel",
"product": {
"name": "Open Source Linux Kernel",
"product_id": "T035270",
"product_identification_helper": {
"cpe": "cpe:/o:linux:linux_kernel:-"
}
}
}
],
"category": "vendor",
"name": "Open Source"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE openSUSE",
"product": {
"name": "SUSE openSUSE",
"product_id": "T027843",
"product_identification_helper": {
"cpe": "cpe:/o:suse:opensuse:-"
}
}
}
],
"category": "vendor",
"name": "SUSE"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-71313",
"product_status": {
"known_affected": [
"T035270",
"T027843",
"T049210"
]
},
"release_date": "2026-06-04T22:00:00.000+00:00",
"title": "CVE-2025-71313"
},
{
"cve": "CVE-2025-71314",
"product_status": {
"known_affected": [
"T035270",
"T027843",
"T049210"
]
},
"release_date": "2026-06-04T22:00:00.000+00:00",
"title": "CVE-2025-71314"
},
{
"cve": "CVE-2026-46244",
"product_status": {
"known_affected": [
"T035270",
"T027843",
"T049210"
]
},
"release_date": "2026-06-04T22:00:00.000+00:00",
"title": "CVE-2026-46244"
},
{
"cve": "CVE-2026-46245",
"product_status": {
"known_affected": [
"T035270",
"T027843",
"T049210"
]
},
"release_date": "2026-06-04T22:00:00.000+00:00",
"title": "CVE-2026-46245"
},
{
"cve": "CVE-2026-46246",
"product_status": {
"known_affected": [
"T035270",
"T027843",
"T049210"
]
},
"release_date": "2026-06-04T22:00:00.000+00:00",
"title": "CVE-2026-46246"
},
{
"cve": "CVE-2026-46247",
"product_status": {
"known_affected": [
"T035270",
"T027843",
"T049210"
]
},
"release_date": "2026-06-04T22:00:00.000+00:00",
"title": "CVE-2026-46247"
},
{
"cve": "CVE-2026-46248",
"product_status": {
"known_affected": [
"T035270",
"T027843",
"T049210"
]
},
"release_date": "2026-06-04T22:00:00.000+00:00",
"title": "CVE-2026-46248"
},
{
"cve": "CVE-2026-46249",
"product_status": {
"known_affected": [
"T035270",
"T027843",
"T049210"
]
},
"release_date": "2026-06-04T22:00:00.000+00:00",
"title": "CVE-2026-46249"
},
{
"cve": "CVE-2026-46250",
"product_status": {
"known_affected": [
"T035270",
"T027843",
"T049210"
]
},
"release_date": "2026-06-04T22:00:00.000+00:00",
"title": "CVE-2026-46250"
},
{
"cve": "CVE-2026-46251",
"product_status": {
"known_affected": [
"T035270",
"T027843",
"T049210"
]
},
"release_date": "2026-06-04T22:00:00.000+00:00",
"title": "CVE-2026-46251"
},
{
"cve": "CVE-2026-46252",
"product_status": {
"known_affected": [
"T035270",
"T027843",
"T049210"
]
},
"release_date": "2026-06-04T22:00:00.000+00:00",
"title": "CVE-2026-46252"
},
{
"cve": "CVE-2026-46253",
"product_status": {
"known_affected": [
"T035270",
"T027843",
"T049210"
]
},
"release_date": "2026-06-04T22:00:00.000+00:00",
"title": "CVE-2026-46253"
},
{
"cve": "CVE-2026-46254",
"product_status": {
"known_affected": [
"T035270",
"T027843",
"T049210"
]
},
"release_date": "2026-06-04T22:00:00.000+00:00",
"title": "CVE-2026-46254"
},
{
"cve": "CVE-2026-46255",
"product_status": {
"known_affected": [
"T035270",
"T027843",
"T049210"
]
},
"release_date": "2026-06-04T22:00:00.000+00:00",
"title": "CVE-2026-46255"
},
{
"cve": "CVE-2026-46256",
"product_status": {
"known_affected": [
"T035270",
"T027843",
"T049210"
]
},
"release_date": "2026-06-04T22:00:00.000+00:00",
"title": "CVE-2026-46256"
},
{
"cve": "CVE-2026-46257",
"product_status": {
"known_affected": [
"T035270",
"T027843",
"T049210"
]
},
"release_date": "2026-06-04T22:00:00.000+00:00",
"title": "CVE-2026-46257"
},
{
"cve": "CVE-2026-46258",
"product_status": {
"known_affected": [
"T035270",
"T027843",
"T049210"
]
},
"release_date": "2026-06-04T22:00:00.000+00:00",
"title": "CVE-2026-46258"
},
{
"cve": "CVE-2026-46259",
"product_status": {
"known_affected": [
"T035270",
"T027843",
"T049210"
]
},
"release_date": "2026-06-04T22:00:00.000+00:00",
"title": "CVE-2026-46259"
},
{
"cve": "CVE-2026-46260",
"product_status": {
"known_affected": [
"T035270",
"T027843",
"T049210"
]
},
"release_date": "2026-06-04T22:00:00.000+00:00",
"title": "CVE-2026-46260"
},
{
"cve": "CVE-2026-46261",
"product_status": {
"known_affected": [
"T035270",
"T027843",
"T049210"
]
},
"release_date": "2026-06-04T22:00:00.000+00:00",
"title": "CVE-2026-46261"
},
{
"cve": "CVE-2026-46262",
"product_status": {
"known_affected": [
"T035270",
"T027843",
"T049210"
]
},
"release_date": "2026-06-04T22:00:00.000+00:00",
"title": "CVE-2026-46262"
},
{
"cve": "CVE-2026-46263",
"product_status": {
"known_affected": [
"T035270",
"T027843",
"T049210"
]
},
"release_date": "2026-06-04T22:00:00.000+00:00",
"title": "CVE-2026-46263"
},
{
"cve": "CVE-2026-46264",
"product_status": {
"known_affected": [
"T035270",
"T027843",
"T049210"
]
},
"release_date": "2026-06-04T22:00:00.000+00:00",
"title": "CVE-2026-46264"
},
{
"cve": "CVE-2026-46265",
"product_status": {
"known_affected": [
"T035270",
"T027843",
"T049210"
]
},
"release_date": "2026-06-04T22:00:00.000+00:00",
"title": "CVE-2026-46265"
},
{
"cve": "CVE-2026-46266",
"product_status": {
"known_affected": [
"T035270",
"T027843",
"T049210"
]
},
"release_date": "2026-06-04T22:00:00.000+00:00",
"title": "CVE-2026-46266"
},
{
"cve": "CVE-2026-46267",
"product_status": {
"known_affected": [
"T035270",
"T027843",
"T049210"
]
},
"release_date": "2026-06-04T22:00:00.000+00:00",
"title": "CVE-2026-46267"
},
{
"cve": "CVE-2026-46268",
"product_status": {
"known_affected": [
"T035270",
"T027843",
"T049210"
]
},
"release_date": "2026-06-04T22:00:00.000+00:00",
"title": "CVE-2026-46268"
},
{
"cve": "CVE-2026-46269",
"product_status": {
"known_affected": [
"T035270",
"T027843",
"T049210"
]
},
"release_date": "2026-06-04T22:00:00.000+00:00",
"title": "CVE-2026-46269"
},
{
"cve": "CVE-2026-46270",
"product_status": {
"known_affected": [
"T035270",
"T027843",
"T049210"
]
},
"release_date": "2026-06-04T22:00:00.000+00:00",
"title": "CVE-2026-46270"
},
{
"cve": "CVE-2026-46271",
"product_status": {
"known_affected": [
"T035270",
"T027843",
"T049210"
]
},
"release_date": "2026-06-04T22:00:00.000+00:00",
"title": "CVE-2026-46271"
},
{
"cve": "CVE-2026-46272",
"product_status": {
"known_affected": [
"T035270",
"T027843",
"T049210"
]
},
"release_date": "2026-06-04T22:00:00.000+00:00",
"title": "CVE-2026-46272"
},
{
"cve": "CVE-2026-46273",
"product_status": {
"known_affected": [
"T035270",
"T027843",
"T049210"
]
},
"release_date": "2026-06-04T22:00:00.000+00:00",
"title": "CVE-2026-46273"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…