2436820 – (CVE-2026-23094) CVE-2026-23094 kernel: uacce: fix isolate sysfs check condition

Bug 2436820 (CVE-2026-23094) - CVE-2026-23094 kernel: uacce: fix isolate sysfs check condition

Summary: CVE-2026-23094 kernel: uacce: fix isolate sysfs check condition

Keywords:
Status:	NEW
Alias:	CVE-2026-23094
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	unspecified
Severity:	unspecified
Target Milestone:	---
Assignee:	Product Security DevOps Team
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2026-02-04 17:04 UTC by OSIDB Bzimport
Modified:	2026-02-04 20:13 UTC (History)
CC List:	0 users
Fixed In Version:
Clone Of:
Environment:
Last Closed:
Embargoed:

Attachments	(Terms of Use)

Description OSIDB Bzimport 2026-02-04 17:04:59 UTC

In the Linux kernel, the following vulnerability has been resolved:

uacce: fix isolate sysfs check condition

uacce supports the device isolation feature. If the driver
implements the isolate_err_threshold_read and
isolate_err_threshold_write callback functions, uacce will create
sysfs files now. Users can read and configure the isolation policy
through sysfs. Currently, sysfs files are created as long as either
isolate_err_threshold_read or isolate_err_threshold_write callback
functions are present.

However, accessing a non-existent callback function may cause the
system to crash. Therefore, intercept the creation of sysfs if
neither read nor write exists; create sysfs if either is supported,
but intercept unsupported operations at the call site.

Comment 1 Jon Moroney 2026-02-04 20:07:03 UTC

Upstream advisory:
https://lore.kernel.org/linux-cve-announce/2026020426-CVE-2026-23094-9cb7@gregkh/T

Note You need to log in before you can comment on or make changes to this bug.