Description
In the Linux kernel, the following vulnerability has been resolved:

uacce: fix isolate sysfs check condition

uacce supports the device isolation feature. If the driver
implements the isolate_err_threshold_read and
isolate_err_threshold_write callback functions, uacce will create
sysfs files now. Users can read and configure the isolation policy
through sysfs. Currently, sysfs files are created as long as either
isolate_err_threshold_read or isolate_err_threshold_write callback
functions are present.

However, accessing a non-existent callback function may cause the
system to crash. Therefore, intercept the creation of sysfs if
neither read nor write exists; create sysfs if either is supported,
but intercept unsupported operations at the call site.
Published: 2026-02-04
Score: 5.5 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Denial of Service – system crash via invalid sysfs access
Action: Immediate Patch
AI Analysis

Impact

The Linux kernel’s uacce driver manages device isolation by creating sysfs entries when callback functions for reading or writing isolation thresholds are present. A logic error caused the driver to attempt to use a callback even when it was absent, leading the kernel to dereference a null pointer and crash. The crash results in a denial‑of‑service condition that brings the entire system down, with no data loss but an interruption of availability.

Affected Systems

All Linux kernel configurations that ship the uacce driver before the fix, specifically kernel 6.19 release candidates rc1 through rc6 and any derivative kernels that have not applied the patch. Any distribution that retains the unpatched code will be affected until the kernel is updated to the fixed version.

Risk and Exploitability

The CVSS score of 5.5 rates the vulnerability as moderate. EPSS below 1% indicates a low current exploitation likelihood. The attack vector is local, requiring the ability to register a device that loads the uacce driver or to write to its sysfs interfaces. Since the flaw manifests when the driver creates entries for nonexistent callbacks, a user with root or local device‑management privileges could trigger it. No exploits are recorded in the KEV catalog; the risk is operational rather than financial.

Generated by OpenCVE AI on April 18, 2026 at 13:51 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade to a kernel version that includes the uacce isolation sysfs fix (stable 6.19 or later).
  • If an upgrade cannot yet be applied, unload or disable the uacce driver or prevent the hardware that triggers it from being initialized to avoid the crash until a patched kernel is available.
  • Apply the upstream kernel patch that restores the conditional check for the existence of callback functions (commit 82821a6) to fix the null pointer dereference if you maintain a custom kernel build.

Generated by OpenCVE AI on April 18, 2026 at 13:51 UTC.

Tracking

Sign in to view the affected projects.

Advisories
Source ID Title
Debian DSA Debian DSA DSA-6126-1 linux security update
History

Sat, 18 Apr 2026 14:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-476

Tue, 17 Mar 2026 21:15:00 +0000

Type Values Removed Values Added
Weaknesses NVD-CWE-noinfo
CPEs cpe:2.3:o:linux:linux_kernel:6.19:rc1:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.19:rc2:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.19:rc3:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.19:rc4:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.19:rc5:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.19:rc6:*:*:*:*:*:*
Metrics cvssV3_1

{'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H'}

Thu, 05 Feb 2026 00:15:00 +0000

Type Values Removed Values Added
References

Wed, 04 Feb 2026 16:30:00 +0000

Type Values Removed Values Added
Description In the Linux kernel, the following vulnerability has been resolved: uacce: fix isolate sysfs check condition uacce supports the device isolation feature. If the driver implements the isolate_err_threshold_read and isolate_err_threshold_write callback functions, uacce will create sysfs files now. Users can read and configure the isolation policy through sysfs. Currently, sysfs files are created as long as either isolate_err_threshold_read or isolate_err_threshold_write callback functions are present. However, accessing a non-existent callback function may cause the system to crash. Therefore, intercept the creation of sysfs if neither read nor write exists; create sysfs if either is supported, but intercept unsupported operations at the call site.
Title uacce: fix isolate sysfs check condition
First Time appeared Linux
Linux linux Kernel
CPEs cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Vendors & Products Linux
Linux linux Kernel
References

Subscriptions

Linux Linux Kernel
cve-icon MITRE

Status: PUBLISHED

Assigner: Linux

Published:

Updated: 2026-02-09T08:38:34.500Z

Reserved: 2026-01-13T15:37:45.963Z

Link: CVE-2026-23094

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Analyzed

Published: 2026-02-04T17:16:20.273

Modified: 2026-03-17T21:09:04.757

Link: CVE-2026-23094

cve-icon Redhat

Severity :

Publid Date: 2026-02-04T00:00:00Z

Links: CVE-2026-23094 - Bugzilla

cve-icon OpenCVE Enrichment

Updated: 2026-04-18T14:00:02Z

Weaknesses