Description
In the Linux kernel, the following vulnerability has been resolved:

perf/amd/ibs: Avoid calling perf_allow_kernel() from the IBS NMI handler

Calling perf_allow_kernel() from the NMI context is unsafe and could be
fatal. Capture the permission at event-initialization time by storing it
in event->hw.flags, and have the NMI handler rely on that cached flag
instead of making the call directly.
Published: 2026-06-24
Score: 5.5 Medium
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

A defect in the Linux kernel’s perf/amd/ibs subsystem caused an unsafe call to perf_allow_kernel() while executing in Non‑Maskable Interrupt (NMI) context. The call in this hard‑interrupt environment can trigger a kernel fault, leading to a crash. The fix removes the unsafe call and stores the required permission flag during event initialization, allowing the NMI handler to reference a cached value instead.

Affected Systems

Systems running a Linux kernel that includes the perf/amd/ibs code path are affected. The CNA data lists the vendor/product as Linux:Linux, and no specific version ranges are provided, so any kernel containing the original perf/amd/ibs implementation could be vulnerable.

Risk and Exploitability

The CVSS score is 5.5 and the EPSS score is < 1%, and the vulnerability is not listed in the CISA KEV catalog, indicating no publicly known exploitation at this time. However, the nature of the flaw—an unsafe operation in the NMI handler—implies a high potential for denial of service if an attacker can trigger an NMI during active IBS activity. Exact exploitation conditions are not detailed, so the likelihood remains uncertain but the impact is severe due to possible system‑wide kernel crashes.

Generated by OpenCVE AI on June 27, 2026 at 03:22 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the patch that removes the call to perf_allow_kernel() from the NMI handler and caches the permission flag during event initialization
  • If a kernel update is not immediately possible, disable the IBS feature by setting the corresponding sysfs knobs or kernel command‑line options to prevent the NMI handler from executing
  • Install or upgrade to a kernel version that includes the fix, such as the latest stable distribution release

Generated by OpenCVE AI on June 27, 2026 at 03:22 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Sat, 27 Jun 2026 02:45:00 +0000

Type Values Removed Values Added
Weaknesses CWE-755

Sat, 27 Jun 2026 00:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-663
References
Metrics threat_severity

None

cvssV3_1

{'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H'}

threat_severity

Moderate


Wed, 24 Jun 2026 21:30:00 +0000

Type Values Removed Values Added
Weaknesses CWE-755

Wed, 24 Jun 2026 17:15:00 +0000

Type Values Removed Values Added
Description In the Linux kernel, the following vulnerability has been resolved: perf/amd/ibs: Avoid calling perf_allow_kernel() from the IBS NMI handler Calling perf_allow_kernel() from the NMI context is unsafe and could be fatal. Capture the permission at event-initialization time by storing it in event->hw.flags, and have the NMI handler rely on that cached flag instead of making the call directly.
Title perf/amd/ibs: Avoid calling perf_allow_kernel() from the IBS NMI handler
First Time appeared Linux
Linux linux Kernel
CPEs cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Vendors & Products Linux
Linux linux Kernel
References

Subscriptions

Linux Linux Kernel
cve-icon MITRE

Status: PUBLISHED

Assigner: Linux

Published:

Updated: 2026-06-24T16:30:46.662Z

Reserved: 2026-06-09T07:44:35.385Z

Link: CVE-2026-53114

cve-icon Vulnrichment

No data.

cve-icon NVD

No data.

cve-icon Redhat

Severity : Moderate

Publid Date: 2026-06-24T00:00:00Z

Links: CVE-2026-53114 - Bugzilla

cve-icon OpenCVE Enrichment

Updated: 2026-06-27T03:30:10Z

Weaknesses
  • CWE-663

    Use of a Non-reentrant Function in a Concurrent Context