PatchSiren

CVE-2026-45968 Linux CVE debrief

A vulnerability in the Linux kernel's cpuidle subsystem could cause system crashes on PowerNV platforms with only a single idle state available. The ladder governor incorrectly treated state 1 as the first usable state when only state 0 (polling) was registered, leading to an out-of-bounds index and NULL pointer dereference. The fix adds a bail-out in cpuidle_select() to return state 0 directly when state_count <= 1, bypassing the governor.

Vendor: Linux
Product: Unknown
CVSS: Unknown
CISA KEV: Not listed in stored evidence
Original CVE published: 2026-05-27
Original CVE updated: 2026-05-27
Advisory published: 2026-05-27
Advisory updated: 2026-05-27

Who should care

Organizations running Linux on IBM PowerNV (Power Non-Virtualized) systems, particularly those with minimal power management configurations. Cloud providers and enterprises with Power-based infrastructure should prioritize kernel updates. System administrators managing PowerLinux deployments should monitor for the specific dmesg indicator.

Technical summary

The vulnerability exists in the Linux kernel's CPU idle management (cpuidle) subsystem. On PowerNV platforms lacking a power management device tree node, only a single polling idle state (state 0, 'Snooze') may be registered. The ladder governor's logic incorrectly assumes state 1 is the first usable state, resulting in an out-of-bounds array access when only one state exists. This causes cpuidle_enter_state() to invoke a NULL function pointer, crashing the system. The fix introduces an early return in cpuidle_select() that bypasses governor selection entirely when state_count <= 1, directly returning state 0 and keeping the tick running.
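The selection logic described above, as a user-space C model. This is an added example, not the kernel's code or the upstream patch; the struct layouts, MAX_STATES, FLAG_POLLING and the function names (ladder_like_select, select_patched, index_is_enterable, snooze_only_driver) are assumptions made for illustration.

```c
#include <stdbool.h>
#include <stdio.h>

#define MAX_STATES   4     /* assumed table size for this model */
#define FLAG_POLLING 0x1u  /* assumed flag value for a polling state */

struct idle_state  { unsigned int flags; int (*enter)(int idx); };
struct idle_driver { struct idle_state states[MAX_STATES]; int state_count; };

static int snooze_enter(int idx) { return idx; }

/* Constructed sample: only state 0 (polling "Snooze") is registered. */
static struct idle_driver snooze_only_driver(void)
{
    struct idle_driver drv = { .state_count = 1 };
    drv.states[0].flags = FLAG_POLLING;
    drv.states[0].enter = snooze_enter;
    return drv;
}

/* Simplified ladder-like policy: skips a polling state 0, ignores state_count. */
static int ladder_like_select(const struct idle_driver *drv)
{
    return (drv->states[0].flags & FLAG_POLLING) ? 1 : 0;
}

/* Bail-out from the fix: at most one state -> state 0, tick keeps running. */
static int select_patched(const struct idle_driver *drv, bool *stop_tick)
{
    if (drv->state_count <= 1) {
        *stop_tick = false;
        return 0;
    }
    return ladder_like_select(drv);
}

/* True when idx names a registered state whose enter callback is set. */
static bool index_is_enterable(const struct idle_driver *drv, int idx)
{
    return idx >= 0 && idx < drv->state_count && drv->states[idx].enter != NULL;
}

int main(void)
{
    struct idle_driver drv = snooze_only_driver();
    bool tick = true;
    int before = ladder_like_select(&drv), after = select_patched(&drv, &tick);
    printf("before: state %d enterable=%d\n", before, index_is_enterable(&drv, before));
    printf("after:  state %d enterable=%d stop_tick=%d\n", after, index_is_enterable(&drv, after), tick);
}
```

In the model, the index chosen without the bail-out points at an unregistered slot whose enter callback is NULL, which corresponds to the NULL function pointer call in cpuidle_enter_state() that the summary describes.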

Defensive priority

medium

Recommended defensive actions

  • Apply kernel updates containing the referenced stable commits when available for your distribution
  • Monitor vendor security advisories for kernel package updates
  • For PowerNV systems, check dmesg logs for 'Only Snooze is available' messages to verify cpuidle state availability
  • Consider kernel live patching if available and critical uptime is required
  • Review system logs for cpuidle-related crashes as indicators of exposure

Evidence notes

The vulnerability description indicates this affects PowerNV systems without a power-mgt DT node where only a single idle state (Snooze/polling) is available. The crash manifests as a NULL pointer dereference at address 0x00000000 with the faulting instruction occurring in cpuidle_enter_state(). Multiple stable kernel commits are referenced, indicating backports to various kernel versions.
