CVE-2026-23229

Summary

In the Linux kernel, the following vulnerability has been resolved:

crypto: virtio - Add spinlock protection with virtqueue notification

When VM boots with one virtio-crypto PCI device and builtin backend, run openssl benchmark command with multiple processes, such as openssl speed -evp aes-128-cbc -engine afalg -seconds 10 -multi 32

openssl processes will hangup and there is error reported like this: virtio_crypto virtio0: dataq.0:id 3 is not a head!

It seems that the data virtqueue need protection when it is handled for virtio done notification. If the spinlock protection is added in virtcrypto_done_task(), openssl benchmark with multiple processes works well.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux0eb69890e86775d178452880ea0d24384c5ccedf < 552475d0b6cece73a52c0fa5faa0ce45e99df74baffected
LinuxLinux75cba72ddb788a5b9c7ed2139fbb84383df029eb < 8ee8ccfd60bf17cbdab91069d324b5302f4f3a30affected
LinuxLinuxae4747dab2eab95a68bb2f6c7e904bff0424e1b1 < c9e594194795c86ca753ad6ed64c2762e9309d0daffected
LinuxLinuxc4c54fce9ec54a59a4ca035af13c2823c76684cc < d6f0d586808689963e58fd739bed626ff5013b24affected
LinuxLinuxfed93fb62e05c38152b0fc1dc9609639e63eed76 < c0a0ded3bb7fd45f720faa48449a930153257d3aaffected
LinuxLinuxfed93fb62e05c38152b0fc1dc9609639e63eed76 < e69a7b0a71b6561b3b6459f1fded8d589f2e8ac2affected
LinuxLinuxfed93fb62e05c38152b0fc1dc9609639e63eed76 < 49c57c6c108931a914ed94e3c0ddb974008260a3affected
LinuxLinuxfed93fb62e05c38152b0fc1dc9609639e63eed76 < b505047ffc8057555900d2d3a005d033e6967382affected
LinuxLinux96be18c8fff9d57e29621386e2fa17268383ea27affected
LinuxLinux830a4f073f7edd2cc4f30ba95bdc3495d97c2550affected
LinuxLinux8862c0d2e47ba1733d9687fe0ff4e02d6e391255affected
LinuxLinux5.10.209 < 5.10.251affected
LinuxLinux5.15.148 < 5.15.201affected
LinuxLinux6.1.75 < 6.1.164affected
LinuxLinux6.6.14 < 6.6.125affected
LinuxLinux4.19.306 < 4.20affected
LinuxLinux5.4.268 < 5.5affected
LinuxLinux6.7.2 < 6.8affected
LinuxLinux6.8affected
LinuxLinux0 < 6.8unaffected
LinuxLinux5.10.251 <= 5.10.*unaffected
LinuxLinux5.15.201 <= 5.15.*unaffected
LinuxLinux6.1.164 <= 6.1.*unaffected
LinuxLinux6.6.125 <= 6.6.*unaffected
LinuxLinux6.12.72 <= 6.12.*unaffected
LinuxLinux6.18.11 <= 6.18.*unaffected
LinuxLinux6.19.1 <= 6.19.*unaffected
LinuxLinux7.0 <= *unaffected

Weaknesses

ADP Enrichment

Additional References

References