SB20260325107 - Out-of-bounds read in Linux kernel include asm
Published: March 25, 2026
Description
This security bulletin contains information about 1 security vulnerability.
1) Out-of-bounds read (CVE-ID: CVE-2026-23346)
The vulnerability allows a local user to cause a denial of service.
The vulnerability exists due to improper input validation in the ioremap_prot() function when handling memory protection settings from user mappings. A local user can trigger access to a specially crafted user memory region to cause a kernel memory access violation, leading to a system crash.
The issue specifically affects arm64 systems, where user page protection flags are processed incorrectly during physical memory access, so the kernel attempts to access memory that it cannot read.
Remediation
Install the update from the vendor's website.