{"id":"CVE-2026-23168","summary":"flex_proportions: make fprop_new_period() hardirq safe","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nflex_proportions: make fprop_new_period() hardirq safe\n\nBernd has reported a lockdep splat from flexible proportions code that is\nessentially complaining about the following race:\n\n\u003ctimer fires\u003e\nrun_timer_softirq - we are in softirq context\n  call_timer_fn\n    writeout_period\n      fprop_new_period\n        write_seqcount_begin(&p-\u003esequence);\n\n        \u003chardirq is raised\u003e\n        ...\n        blk_mq_end_request()\n\t  blk_update_request()\n\t    ext4_end_bio()\n\t      folio_end_writeback()\n\t\t__wb_writeout_add()\n\t\t  __fprop_add_percpu_max()\n\t\t    if (unlikely(max_frac \u003c FPROP_FRAC_BASE)) {\n\t\t      fprop_fraction_percpu()\n\t\t\tseq = read_seqcount_begin(&p-\u003esequence);\n\t\t\t  - sees odd sequence so loops indefinitely\n\nNote that a deadlock like this is only possible if the bdi has configured\nmaximum fraction of writeout throughput which is very rare in general but\nfrequent for example for FUSE bdis.  To fix this problem we have to make\nsure write section of the sequence counter is irqsafe.","modified":"2026-03-20T12:47:26.296922Z","published":"2026-02-14T16:01:31.465Z","database_specific":{"cna_assigner":"Linux","osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/23xxx/CVE-2026-23168.json"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/0acc9ba7a1b5ba4d998c5753e709be904e179b75"},{"type":"WEB","url":"https://git.kernel.org/stable/c/78ede9ebd679dadf480dce6f7b798e3603f88348"},{"type":"WEB","url":"https://git.kernel.org/stable/c/884b2590ffcc7222cbbd6298051f4c243cc36f5d"},{"type":"WEB","url":"https://git.kernel.org/stable/c/b91a84299d72ae0e05551e851e47cd3008bd025b"},{"type":"WEB","url":"https://git.kernel.org/stable/c/dd9e2f5b38f1fdd49b1ab6d3a85f81c14369eacc"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/23xxx/CVE-2026-23168.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-23168"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"a91befde350375b1ff954635acdde14dc92cd9a8"},{"fixed":"0acc9ba7a1b5ba4d998c5753e709be904e179b75"},{"fixed":"884b2590ffcc7222cbbd6298051f4c243cc36f5d"},{"fixed":"78ede9ebd679dadf480dce6f7b798e3603f88348"},{"fixed":"b91a84299d72ae0e05551e851e47cd3008bd025b"},{"fixed":"dd9e2f5b38f1fdd49b1ab6d3a85f81c14369eacc"}]}],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2026-23168.json"}}],"schema_version":"1.7.5"}