CVE-2026-23332

MEDIUM EPSS 2.2%
Published Mar 25, 20263mo ago · Modified Jun 17, 20262w ago
5.5 CVSS 3.1
Medium
Find Similar
Published Mar 25, 2026 3mo ago
Last Modified Jun 17, 2026 2w ago

Description

In the Linux kernel, the following vulnerability has been resolved: cpufreq: intel_pstate: Fix crash during turbo disable When the system is booted with kernel command line argument "nosmt" or "maxcpus" to limit the number of CPUs, disabling turbo via: echo 1 > /sys/devices/system/cpu/intel_pstate/no_turbo results in a crash: PF: supervisor read access in kernel mode PF: error_code(0x0000) - not-present page PGD 0 P4D 0 Oops: Oops: 0000 [#1] SMP PTI ... RIP: 0010:store_no_turbo+0x100/0x1f0 ... This occurs because for_each_possible_cpu() returns CPUs even if they are not online. For those CPUs, all_cpu_data[] will be NULL. Since commit 973207ae3d7c ("cpufreq: intel_pstate: Rearrange max frequency updates handling code"), all_cpu_data[] is dereferenced even for CPUs which are not online, causing the NULL pointer dereference. To fix that, pass CPU number to intel_pstate_update_max_freq() and use all_cpu_data[] for those CPUs for which there is a valid cpufreq policy.

CVSS Details

Base Score
5.5
Exploitability
1.8
Impact
3.6
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability High

Threat Intelligence

EPSS Exploit Probability
2.2% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Weaknesses 1

CWE-476 NULL Pointer Dereference Memory Safety

Affected Products 10

VendorProductVersionRange
linuxlinux_kernel*≥6.16.1  –  <6.18.17
linuxlinux_kernel*≥6.19  –  <6.19.7
linuxlinux_kernel6.16any
linuxlinux_kernel7.0any
linuxlinux_kernel7.0any
linuxlinux_kernel7.0any
linuxlinux_kernel7.0any
linuxlinux_kernel7.0any
linuxlinux_kernel7.0any
linuxlinux_kernel7.0any

References 3

  • git.kernel.org https://git.kernel.org/stable/c/6b050482ec40569429d963ac52afa878691b04c9
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/a1850e2aef4d15405e7ff53fd51c4b3124d46182
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/d20d48916ce8531b157c2edeba76d69af2974270
    Patch

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/6b050482ec40569429d963ac52afa878691b04c9
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/a1850e2aef4d15405e7ff53fd51c4b3124d46182
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/d20d48916ce8531b157c2edeba76d69af2974270
    Patch