High severity7.8NVD Advisory· Published Jan 28, 2026· Updated Apr 27, 2026
CVE-2026-23014
CVE-2026-23014
Description
In the Linux kernel, the following vulnerability has been resolved:
perf: Ensure swevent hrtimer is properly destroyed
With the change to hrtimer_try_to_cancel() in perf_swevent_cancel_hrtimer() it appears possible for the hrtimer to still be active by the time the event gets freed.
Make sure the event does a full hrtimer_cancel() on the free path by installing a perf_event::destroy handler.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
12cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*+ 10 more
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*range: >=6.17.8,<6.18
- cpe:2.3:o:linux:linux_kernel:6.18:-:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:6.19:rc1:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:6.19:rc2:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:6.19:rc3:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:6.19:rc4:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:6.19:rc5:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:6.19:rc6:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:6.19:rc7:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:6.19:rc8:*:*:*:*:*:*
- (no CPE)
Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.