CVE-2026-23063
Published: Feb 4, 2026
Modified: May 11, 2026
Description
In the Linux kernel, the following vulnerability has been resolved: uacce: ensure safe queue release with state management Directly calling `put_queue` carries risks since it cannot guarantee that resources of `uacce_queue` have been fully released beforehand. So adding a `stop_queue` operation for the UACCE_CMD_PUT_Q command and leaving the `put_queue` operation to the final resource release ensures safety. Queue states are defined as follows: - UACCE_Q_ZOMBIE: Initial state - UACCE_Q_INIT: After opening `uacce` - UACCE_Q_STARTED: After `start` is issued via `ioctl` When executing `poweroff -f` in virt while accelerator are still working, `uacce_fops_release` and `uacce_remove` may execute concurrently. This can cause `uacce_put_queue` within `uacce_fops_release` to access a NULL `ops` pointer. Therefore, add state checks to prevent accessing freed pointers.
| Vendor | Product | Versions |
|---|---|---|
Linux | Linux | affected 015d239ac0142ad0e26567fd890ef8d171f13709 - < b457abeb5d962db88aaf60e249402fd3073dbfabaffected 015d239ac0142ad0e26567fd890ef8d171f13709 - < 8b57bf1d3b1db692f34bce694a03e41be79f6016affected 015d239ac0142ad0e26567fd890ef8d171f13709 - < 336fb41a186e7c0415ae94fec9e23d1f04b87483affected 015d239ac0142ad0e26567fd890ef8d171f13709 - < 43f233eb6e7b9d88536881a9bc43726d0e34800daffected 015d239ac0142ad0e26567fd890ef8d171f13709 - < 47634d70073890c9c37e39ab4ff93d4b585b028a+2 more versions |
Linux | Linux | affected 5.7unaffected 0 - < 5.7unaffected 5.10.249 - <= 5.10.*unaffected 5.15.199 - <= 5.15.*unaffected 6.1.162 - <= 6.1.*+4 more versions |
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now