{"id":"CVE-2026-23332","summary":"cpufreq: intel_pstate: Fix crash during turbo disable","details":"In the Linux kernel, the following vulnerability has been resolved:\n\ncpufreq: intel_pstate: Fix crash during turbo disable\n\nWhen the system is booted with kernel command line argument \"nosmt\" or\n\"maxcpus\" to limit the number of CPUs, disabling turbo via:\n\n echo 1 \u003e /sys/devices/system/cpu/intel_pstate/no_turbo\n\nresults in a crash:\n\n PF: supervisor read access in kernel mode\n PF: error_code(0x0000) - not-present page\n PGD 0 P4D 0\n Oops: Oops: 0000 [#1] SMP PTI\n ...\n RIP: 0010:store_no_turbo+0x100/0x1f0\n ...\n\nThis occurs because for_each_possible_cpu() returns CPUs even if they\nare not online. For those CPUs, all_cpu_data[] will be NULL. Since\ncommit 973207ae3d7c (\"cpufreq: intel_pstate: Rearrange max frequency\nupdates handling code\"), all_cpu_data[] is dereferenced even for CPUs\nwhich are not online, causing the NULL pointer dereference.\n\nTo fix that, pass CPU number to intel_pstate_update_max_freq() and use\nall_cpu_data[] for those CPUs for which there is a valid cpufreq policy.","modified":"2026-04-02T13:12:22.305995Z","published":"2026-03-25T10:27:23.193Z","database_specific":{"cna_assigner":"Linux","osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/23xxx/CVE-2026-23332.json"},"references":[{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"},{"type":"WEB","url":"https://git.kernel.org/stable/c/6b050482ec40569429d963ac52afa878691b04c9"},{"type":"WEB","url":"https://git.kernel.org/stable/c/a1850e2aef4d15405e7ff53fd51c4b3124d46182"},{"type":"WEB","url":"https://git.kernel.org/stable/c/d20d48916ce8531b157c2edeba76d69af2974270"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/23xxx/CVE-2026-23332.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-23332"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"973207ae3d7c3c92df4a382df5d7bd695deaa904"},{"fixed":"a1850e2aef4d15405e7ff53fd51c4b3124d46182"},{"fixed":"d20d48916ce8531b157c2edeba76d69af2974270"},{"fixed":"6b050482ec40569429d963ac52afa878691b04c9"}]}],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-23332.json"}},{"package":{"name":"Kernel","ecosystem":"Linux"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"6.16.0"},{"fixed":"6.18.17"}]},{"type":"ECOSYSTEM","events":[{"introduced":"6.19.0"},{"fixed":"6.19.7"}]}],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-23332.json"}}],"schema_version":"1.7.5"}