VYPR
← All advisories
Unrated severityNVD Advisory· Published Feb 4, 2026· Updated Apr 15, 2026

CVE-2026-23045

CVE-2026-23045

Description

In the Linux kernel, the following vulnerability has been resolved:

net/ena: fix missing lock when update devlink params

Fix assert lock warning while calling devl_param_driverinit_value_set() in ena.

WARNING: net/devlink/core.c:261 at devl_assert_locked+0x62/0x90, CPU#0: kworker/0:0/9 CPU: 0 UID: 0 PID: 9 Comm: kworker/0:0 Not tainted 6.19.0-rc2+ #1 PREEMPT(lazy) Hardware name: Amazon EC2 m8i-flex.4xlarge/, BIOS 1.0 10/16/2017 Workqueue: events work_for_cpu_fn RIP: 0010:devl_assert_locked+0x62/0x90

Call Trace:

devl_param_driverinit_value_set+0x15/0x1c0 ena_devlink_alloc+0x18c/0x220 [ena] ? __pfx_ena_devlink_alloc+0x10/0x10 [ena] ? trace_hardirqs_on+0x18/0x140 ? lockdep_hardirqs_on+0x8c/0x130 ? __raw_spin_unlock_irqrestore+0x5d/0x80 ? __raw_spin_unlock_irqrestore+0x46/0x80 ? devm_ioremap_wc+0x9a/0xd0 ena_probe+0x4d2/0x1b20 [ena] ? __lock_acquire+0x56a/0xbd0 ? __pfx_ena_probe+0x10/0x10 [ena] ? local_clock+0x15/0x30 ? __lock_release.isra.0+0x1c9/0x340 ? mark_held_locks+0x40/0x70 ? lockdep_hardirqs_on_prepare.part.0+0x92/0x170 ? trace_hardirqs_on+0x18/0x140 ? lockdep_hardirqs_on+0x8c/0x130 ? __raw_spin_unlock_irqrestore+0x5d/0x80 ? __raw_spin_unlock_irqrestore+0x46/0x80 ? __pfx_ena_probe+0x10/0x10 [ena] ......

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

A missing lock in the Linux kernel's ENA driver causes a warning when updating devlink parameters during device probe.

Root

Cause

The vulnerability is a missing lock assertion in the Linux kernel's Elastic Network Adapter (ENA) driver. When the driver calls devl_param_driverinit_value_set() during ena_devlink_alloc(), it does so without holding the required devlink lock, triggering a devl_assert_locked warning [1][2]. The warning appears in the kernel log as a WARN_ON and stack trace, indicating a locking violation in the devlink core.

Exploitation

Context

This issue occurs during the normal device probe path (ena_probe), specifically when the driver initializes devlink parameters. No special privileges or network access are required; the bug manifests on any system using the ENA driver (e.g., Amazon EC2 instances) when the kernel is built with lock debugging enabled. The attack surface is limited to triggering the warning, which may cause denial of service if the system is configured to panic on warnings.

Impact

An attacker with local access or the ability to trigger device re-probe could cause repeated kernel warnings, potentially leading to system instability or denial of service. The warning itself does not directly allow privilege escalation or data corruption, but itegrity compromise, but it indicates a race condition that could be leveraged in more complex attacks.

Mitigation

The fix is included in Linux kernel stable updates. Users should apply the latest kernel patches from their distribution. The commit references [1] and [2] contain the corrected code that acquires the devlink lock before calling devl_param_driverinit_value_set().

References
  1. Making sure you're not a bot!
  2. Making sure you're not a bot!

AI Insight generated on May 19, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

1

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

2

News mentions

0

No linked articles in our index yet.