{"id":"CVE-2026-23134","summary":"slab: fix kmalloc_nolock() context check for PREEMPT_RT","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nslab: fix kmalloc_nolock() context check for PREEMPT_RT\n\nOn PREEMPT_RT kernels, local_lock becomes a sleeping lock. The current\ncheck in kmalloc_nolock() only verifies we're not in NMI or hard IRQ\ncontext, but misses the case where preemption is disabled.\n\nWhen a BPF program runs from a tracepoint with preemption disabled\n(preempt_count \u003e 0), kmalloc_nolock() proceeds to call\nlocal_lock_irqsave() which attempts to acquire a sleeping lock,\ntriggering:\n\n  BUG: sleeping function called from invalid context\n  in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 6128\n  preempt_count: 2, expected: 0\n\nFix this by checking !preemptible() on PREEMPT_RT, which directly\nexpresses the constraint that we cannot take a sleeping lock when\npreemption is disabled. This encompasses the previous checks for NMI\nand hard IRQ contexts while also catching cases where preemption is\ndisabled.","modified":"2026-04-02T13:12:05.884672Z","published":"2026-02-14T15:14:33.806Z","database_specific":{"osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/23xxx/CVE-2026-23134.json","cna_assigner":"Linux"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/99a3e3a1cfc93b8fe318c0a3a5cfb01f1d4ad53c"},{"type":"WEB","url":"https://git.kernel.org/stable/c/f60ba4a97ae3f94e4818722ed2e4d260bbb17b44"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/23xxx/CVE-2026-23134.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-23134"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"af92793e52c3a99b828ed4bdd277fd3e11c18d08"},{"fixed":"f60ba4a97ae3f94e4818722ed2e4d260bbb17b44"},{"fixed":"99a3e3a1cfc93b8fe318c0a3a5cfb01f1d4ad53c"}]}],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-23134.json"}}],"schema_version":"1.7.5"}