What is GHSA-94ww-55m5-gmrg?

GHSA-94ww-55m5-gmrg is a security advisory published by GitHub Security Advisories with Medium severity. In the Linux kernel, the following vulnerability has been resolved: i40e: Fix preempt count leak...

Which CVE IDs does GHSA-94ww-55m5-gmrg cover?

GHSA-94ww-55m5-gmrg covers the following CVE IDs: CVE-2026-23313. Each CVE has its own detail page on EchelonGraph Pulse with the synthesized EG score.

What is the CVSS v3 score of GHSA-94ww-55m5-gmrg?

GHSA-94ww-55m5-gmrg has a CVSS v3 base score of 5.5, published by GitHub Security Advisories.

GHSA-94ww-55m5-gmrgMediumCVSS 5.5

In the Linux kernel, the following vulnerability has been resolved: i40e: Fix preempt count leak...

Vendor

GitHub Security Advisories

Published

March 25, 2026

Last Modified

May 26, 2026

🔗 CVE IDs covered (1)

CVE-2026-23313 →

📋 Description

In the Linux kernel, the following vulnerability has been resolved:

i40e: Fix preempt count leak in napi poll tracepoint

Using get_cpu() in the tracepoint assignment causes an obvious preempt count leak because nothing invokes put_cpu() to undo it:

softirq: huh, entered softirq 3 NET_RX with preempt_count 00000100, exited with 00000101?

This clearly has seen a lot of testing in the last 3+ years...

Use smp_processor_id() instead.

🔗 References (7)

https://nvd.nist.gov/vuln/detail/CVE-2026-23313
https://git.kernel.org/stable/c/4b3d54a85bd37ebf2d9836f0d0de775c0ff21af9
https://git.kernel.org/stable/c/9e0f091821571f0da387462803ee42f0bb157582
https://git.kernel.org/stable/c/b7e91827e1cf89cd34ad11dc8f8c010b70ab786e
https://git.kernel.org/stable/c/dca4ea596a3b0a1b82bc1d9f3e4d88bd9ad9561f
https://git.kernel.org/stable/c/fa5d5baf67f619c7aa70697a194b5a9edd9f5bb7
https://github.com/advisories/GHSA-94ww-55m5-gmrg