Description

In the Linux kernel, the following vulnerability has been resolved: tracing: Fix WARN_ON in tracing_buffers_mmap_close When a process forks, the child process copies the parent's VMAs but the user_mapped reference count is not incremented. As a result, when both the parent and child processes exit, tracing_buffers_mmap_close() is called twice. On the second call, user_mapped is already 0, causing the function to return -ENODEV and triggering a WARN_ON. Normally, this isn't an issue as the memory is mapped with VM_DONTCOPY set. But this is only a hint, and the application can call madvise(MADVISE_DOFORK) which resets the VM_DONTCOPY flag. When the application does that, it can trigger this issue on fork. Fix it by incrementing the user_mapped reference count without re-mapping the pages in the VMA's open callback.

INFO

Published Date :

2026-03-25T10:27:59.682Z

Last Modified :

2026-04-13T06:06:16.302Z

Source :

Linux
AFFECTED PRODUCTS

The following products are affected by CVE-2026-23380 vulnerability.

Vendors Products
Linux
  • Linux Kernel
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2026-23380.

URL Resource
https://git.kernel.org/stable/c/91f3e8d84c89918769e71393f839c9fefadc2580 cve-icon cve-icon
https://git.kernel.org/stable/c/b0f269ba6fefe9e3cb9feedcf78fcd0b633800c0 cve-icon cve-icon
https://git.kernel.org/stable/c/cdd96641b64297a2db42676f051362b76280a58b cve-icon cve-icon
https://git.kernel.org/stable/c/e39bb9e02b68942f8e9359d2a3efe7d37ae6be0e cve-icon cve-icon
https://lore.kernel.org/linux-cve-announce/2026032542-CVE-2026-23380-9e3c@gregkh/T cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2026-23380 cve-icon
https://www.cve.org/CVERecord?id=CVE-2026-23380 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact