CVE-2026-45993 Linux CVE debrief

Who should care

Organizations running LoongArch-based Linux systems, kernel maintainers for LoongArch distributions, and security teams monitoring speculative execution vulnerabilities in non-x86 architectures.

Technical summary

The LoongArch architecture's syscall entry path in the Linux kernel uses the userspace-provided syscall number to index into sys_call_table without applying array_index_nospec() clamping. This missing Spectre v1 mitigation permits out-of-bounds speculative access to the function pointer table. An attacker with local access can exploit this to speculatively execute unintended code paths and exfiltrate kernel data through cache timing analysis. The fix adds the standard array_index_nospec() boundary check to constrain speculative execution to valid syscall table entries.

Defensive priority

medium

Recommended defensive actions

• Apply kernel updates from Linux stable trees once available for your distribution
• Verify LoongArch systems are running patched kernel versions with the array_index_nospec() fix
• Monitor vendor security advisories for LoongArch-specific kernel packages
• Consider enabling Spectre mitigations (spectre_v1=on) if not already active on LoongArch systems
• Review syscall-heavy workloads on LoongArch for potential attack surface reduction

Evidence notes

The CVE description confirms the vulnerability exists in the LoongArch syscall dispatch table where userspace-controlled syscall numbers lack array_index_nospec() protection. Five kernel.org stable tree commits are provided as references, indicating backports to multiple stable kernel branches. The NVD status is 'Awaiting Analysis' with no CVSS score assigned. No KEV listing exists.

Official resources