{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-23313", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2026-01-13T15:37:45.994Z", "datePublished": "2026-03-25T10:27:08.686Z", "dateUpdated": "2026-05-11T22:04:28.296Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2026-05-11T22:04:28.296Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ni40e: Fix preempt count leak in napi poll tracepoint\n\nUsing get_cpu() in the tracepoint assignment causes an obvious preempt\ncount leak because nothing invokes put_cpu() to undo it:\n\n softirq: huh, entered softirq 3 NET_RX with preempt_count 00000100, exited with 00000101?\n\nThis clearly has seen a lot of testing in the last 3+ years...\n\nUse smp_processor_id() instead."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/net/ethernet/intel/i40e/i40e_trace.h"], "versions": [{"version": "6d4d584a7ea8fc8d2be77545cb503118c193738a", "lessThan": "fa5d5baf67f619c7aa70697a194b5a9edd9f5bb7", "status": "affected", "versionType": "git"}, {"version": "6d4d584a7ea8fc8d2be77545cb503118c193738a", "lessThan": "b7e91827e1cf89cd34ad11dc8f8c010b70ab786e", "status": "affected", "versionType": "git"}, {"version": "6d4d584a7ea8fc8d2be77545cb503118c193738a", "lessThan": "9e0f091821571f0da387462803ee42f0bb157582", "status": "affected", "versionType": "git"}, {"version": "6d4d584a7ea8fc8d2be77545cb503118c193738a", "lessThan": "dca4ea596a3b0a1b82bc1d9f3e4d88bd9ad9561f", "status": "affected", "versionType": "git"}, {"version": "6d4d584a7ea8fc8d2be77545cb503118c193738a", "lessThan": "4b3d54a85bd37ebf2d9836f0d0de775c0ff21af9", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/net/ethernet/intel/i40e/i40e_trace.h"], "versions": [{"version": "6.2", "status": "affected"}, {"version": "0", "lessThan": "6.2", "status": "unaffected", "versionType": "semver"}, {"version": "6.6.136", "lessThanOrEqual": "6.6.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.12.77", "lessThanOrEqual": "6.12.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.18.17", "lessThanOrEqual": "6.18.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.19.7", "lessThanOrEqual": "6.19.*", "status": "unaffected", "versionType": "semver"}, {"version": "7.0", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.2", "versionEndExcluding": "6.6.136"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.2", "versionEndExcluding": "6.12.77"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.2", "versionEndExcluding": "6.18.17"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.2", "versionEndExcluding": "6.19.7"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.2", "versionEndExcluding": "7.0"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/fa5d5baf67f619c7aa70697a194b5a9edd9f5bb7"}, {"url": "https://git.kernel.org/stable/c/b7e91827e1cf89cd34ad11dc8f8c010b70ab786e"}, {"url": "https://git.kernel.org/stable/c/9e0f091821571f0da387462803ee42f0bb157582"}, {"url": "https://git.kernel.org/stable/c/dca4ea596a3b0a1b82bc1d9f3e4d88bd9ad9561f"}, {"url": "https://git.kernel.org/stable/c/4b3d54a85bd37ebf2d9836f0d0de775c0ff21af9"}], "title": "i40e: Fix preempt count leak in napi poll tracepoint", "x_generator": {"engine": "bippy-1.2.0"}}}}

{}

{"affected": [{"affectedData": [{"defaultStatus": "unaffected", "product": "Linux", "programFiles": ["drivers/net/ethernet/intel/i40e/i40e_trace.h"], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [{"lessThan": "fa5d5baf67f619c7aa70697a194b5a9edd9f5bb7", "status": "affected", "version": "6d4d584a7ea8fc8d2be77545cb503118c193738a", "versionType": "git"}, {"lessThan": "b7e91827e1cf89cd34ad11dc8f8c010b70ab786e", "status": "affected", "version": "6d4d584a7ea8fc8d2be77545cb503118c193738a", "versionType": "git"}, {"lessThan": "9e0f091821571f0da387462803ee42f0bb157582", "status": "affected", "version": "6d4d584a7ea8fc8d2be77545cb503118c193738a", "versionType": "git"}, {"lessThan": "dca4ea596a3b0a1b82bc1d9f3e4d88bd9ad9561f", "status": "affected", "version": "6d4d584a7ea8fc8d2be77545cb503118c193738a", "versionType": "git"}, {"lessThan": "4b3d54a85bd37ebf2d9836f0d0de775c0ff21af9", "status": "affected", "version": "6d4d584a7ea8fc8d2be77545cb503118c193738a", "versionType": "git"}]}, {"defaultStatus": "affected", "product": "Linux", "programFiles": ["drivers/net/ethernet/intel/i40e/i40e_trace.h"], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [{"status": "affected", "version": "6.2"}, {"lessThan": "6.2", "status": "unaffected", "version": "0", "versionType": "semver"}, {"lessThanOrEqual": "6.6.*", "status": "unaffected", "version": "6.6.136", "versionType": "semver"}, {"lessThanOrEqual": "6.12.*", "status": "unaffected", "version": "6.12.77", "versionType": "semver"}, {"lessThanOrEqual": "6.18.*", "status": "unaffected", "version": "6.18.17", "versionType": "semver"}, {"lessThanOrEqual": "6.19.*", "status": "unaffected", "version": "6.19.7", "versionType": "semver"}, {"lessThanOrEqual": "*", "status": "unaffected", "version": "7.0", "versionType": "original_commit_for_fix"}]}], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}], "configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "0A0F1E9A-F127-4699-A014-9E08441C9A14", "versionEndExcluding": "6.6.136", "versionStartIncluding": "6.2", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "B3D12E00-E42D-4056-B354-BAD4903C03A5", "versionEndExcluding": "6.12.77", "versionStartIncluding": "6.7", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "A5E006E4-59C7-43C1-9231-62A72219F2BA", "versionEndExcluding": "6.18.17", "versionStartIncluding": "6.13", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "69245D10-0B71-485E-80C3-A64F077004D3", "versionEndExcluding": "6.19.7", "versionStartIncluding": "6.19", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:7.0:rc1:*:*:*:*:*:*", "matchCriteriaId": "F253B622-8837-4245-BCE5-A7BF8FC76A16", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:7.0:rc2:*:*:*:*:*:*", "matchCriteriaId": "4AE85AD8-4641-4E7C-A2F4-305E2CD9EE64", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ni40e: Fix preempt count leak in napi poll tracepoint\n\nUsing get_cpu() in the tracepoint assignment causes an obvious preempt\ncount leak because nothing invokes put_cpu() to undo it:\n\n softirq: huh, entered softirq 3 NET_RX with preempt_count 00000100, exited with 00000101?\n\nThis clearly has seen a lot of testing in the last 3+ years...\n\nUse smp_processor_id() instead."}, {"lang": "es", "value": "En el kernel de Linux, la siguiente vulnerabilidad ha sido resuelta:\n\ni40e: Soluci\u00f3n a la fuga del contador de preemption en el tracepoint de sondeo de napi\n\nUsar get_cpu() en la asignaci\u00f3n del tracepoint causa una fuga obvia del contador de preemption porque nada invoca put_cpu() para deshacerlo:\n\n'softirq: eh, entr\u00f3 en softirq 3 NET_RX con preempt_count 00000100, sali\u00f3 con 00000101?'\n\nEsto claramente ha sido sometido a muchas pruebas en los \u00faltimos 3+ a\u00f1os...\n\nUsar smp_processor_id() en su lugar."}], "id": "CVE-2026-23313", "lastModified": "2026-06-17T10:21:18.617", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2026-03-25T11:16:27.623", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/4b3d54a85bd37ebf2d9836f0d0de775c0ff21af9"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/9e0f091821571f0da387462803ee42f0bb157582"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/b7e91827e1cf89cd34ad11dc8f8c010b70ab786e"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/dca4ea596a3b0a1b82bc1d9f3e4d88bd9ad9561f"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/fa5d5baf67f619c7aa70697a194b5a9edd9f5bb7"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"bugzilla": {"description": "kernel: i40e: Fix preempt count leak in napi poll tracepoint", "id": "2451223", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2451223"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.5", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "status": "draft"}, "cwe": "CWE-911", "details": ["A flaw was found in the i40e network driver within the Linux kernel. This vulnerability, a preemption count leak, occurs in the NAPI (New API) poll tracepoint due to incorrect handling of CPU preemption counts. This issue could lead to an imbalanced preemption count, potentially causing kernel warnings, system instability, or a denial of service."], "name": "CVE-2026-23313", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Fix deferred", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Fix deferred", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Fix deferred", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Fix deferred", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Fix deferred", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2026-03-25T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2026-23313\nhttps://nvd.nist.gov/vuln/detail/CVE-2026-23313\nhttps://lore.kernel.org/linux-cve-announce/2026032529-CVE-2026-23313-925e@gregkh/T"], "threat_severity": "Low"}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "[6d4d584a7ea8fc8d2be77545cb503118c193738a,b7e91827e1cf89cd34ad11dc8f8c010b70ab786e)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "[6d4d584a7ea8fc8d2be77545cb503118c193738a,9e0f091821571f0da387462803ee42f0bb157582)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "[6d4d584a7ea8fc8d2be77545cb503118c193738a,dca4ea596a3b0a1b82bc1d9f3e4d88bd9ad9561f)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "[6d4d584a7ea8fc8d2be77545cb503118c193738a,4b3d54a85bd37ebf2d9836f0d0de775c0ff21af9)"}}], "enrichment": {"confidence": 99.0, "confidence_source": "inferred", "scores": [{"score": 99.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "original": {"product": "Linux", "source": "cna", "vendor": "Linux"}, "product": "linux_kernel", "vendor": "linux"}, {"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "6.2"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "generic", "value": "[0,6.2)"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "generic", "value": "[6.12.77,6.13.0)"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "generic", "value": "[6.18.17,6.19.0)"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "generic", "value": "[6.19.7,6.20.0)"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "generic", "value": "[7.0-rc3,*]"}}], "enrichment": {"confidence": 99.0, "confidence_source": "inferred", "scores": [{"score": 99.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "original": {"product": "Linux", "source": "cna", "vendor": "Linux"}, "product": "linux_kernel", "vendor": "linux"}], "created": "2026-03-25T21:15:16.369400+00:00", "updated": "2026-05-26T18:00:14.553161+00:00", "vendors": ["linux", "linux$PRODUCT$linux_kernel"]}