Skip to main content

Linux Kernel CVE-2026-52936

| EUVDEUVD-2026-38706 MEDIUM
2026-06-24 Linux GHSA-9hmp-j3gc-jm6j
5.5
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
5.5 MEDIUM
AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
vuln.today AI
5.5 MEDIUM

Local-only vector with low-privilege access sufficient to call getrandom(); purely availability impact via CPU stall with no confidentiality or integrity consequence.

3.1 AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
4.0 AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

Primary rating from NVD.

CVSS VectorNVD

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High

Lifecycle Timeline

5
Analysis Generated
Jul 08, 2026 - 21:07 vuln.today
CVSS changed
Jul 08, 2026 - 20:37 NVD
5.5 (MEDIUM)
Patch available
Jun 24, 2026 - 09:16 EUVD
CVE Published
Jun 24, 2026 - 07:14 nvd
MEDIUM 5.5
CVE Published
Jun 24, 2026 - 07:14 cve.org
UNKNOWN (no severity yet)

DescriptionNVD

In the Linux kernel, the following vulnerability has been resolved:

crypto: jitterentropy - replace long-held spinlock with mutex

jent_kcapi_random() serializes the shared jitterentropy state, but it currently holds a spinlock across the jent_read_entropy() call. That path performs expensive jitter collection and SHA3 conditioning, so parallel readers can trigger stalls as contending waiters spin for the same lock.

To prevent non-preemptible lock hold, replace rng->jent_lock with a mutex so contended readers sleep instead of spinning on a shared lock held across expensive entropy generation.

AnalysisAI

CPU stall vulnerability in the Linux kernel jitterentropy subsystem allows local low-privileged users to trigger prolonged non-preemptible spinlock holds by spawning concurrent entropy requests through jent_kcapi_random(), which holds a spinlock across expensive SHA3 conditioning and jitter collection. Systems running kernel versions from approximately 4.2 through pre-fix stable branches face entropy starvation and CPU busy-wait degradation under parallel getrandom() load. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Obtain local low-privilege shell access
Delivery
Spawn high-concurrency getrandom() reader threads
Exploit
Contend on jent_kcapi_random() spinlock
Execution
Hold non-preemptible lock across SHA3 conditioning
Persist
Force contending CPUs into busy-wait
Impact
Starve system entropy and degrade kernel scheduling

Vulnerability AssessmentAI

Exploitation Requires local shell access with at minimum low-privilege credentials (CVSS PR:L, AV:L) - any standard user account on the target system is sufficient. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment The CVSS 3.1 vector AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H scores 5.5 (Medium), accurately reflecting local-only attack surface, low-privilege requirement, and purely availability-class impact with no confidentiality or integrity consequence. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario A local low-privileged user on a shared cloud VM or multi-tenant container host launches a high-thread-count process that continuously calls getrandom() in parallel across all available CPU cores. The first thread to acquire jent_kcapi_random()'s spinlock begins milliseconds-long SHA3 conditioning work while all other CPUs spin at full utilization waiting for lock release, stalling kernel scheduling and blocking all entropy-dependent operations - including TLS handshakes and in-kernel key generation - for the duration of the attack. …
Remediation The definitive fix is to upgrade to a patched kernel release: 6.6.141 or later on the 6.6 LTS branch, 6.12.91 or later on the 6.12 LTS branch, 6.18.33 or later on the 6.18 branch, 7.0.10 or later on the 7.0 branch, or any 7.1+ mainline build. … Detailed patch versions, workarounds, and compensating controls in full report.

Threat intelligence, references, and detailed analysis are available after sign-in.

Share

CVE-2026-52936 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy