CVE-2026-52936
MediumCVSS 5.5Exploitation Probability (EPSS)
Low risk2th percentile - higher than 2% of all known CVEs
Summary
In the Linux kernel, the jitterentropy crypto mechanism replaced a long-held spinlock with a mutex. Previously, the spinlock was held during expensive entropy generation and SHA3 conditioning, causing CPU stalls for parallel readers.
Risk Assessment
The organization may experience performance degradation and latency in systems using jitterentropy when multiple processes request random data simultaneously, potentially leading to CPU overload and increased response times.
Recommendation
It is recommended to immediately update the Linux kernel to a version containing this fix to avoid performance issues and potential system lockups.
Original NVD description (English source)
In the Linux kernel, the following vulnerability has been resolved: crypto: jitterentropy - replace long-held spinlock with mutex jent_kcapi_random() serializes the shared jitterentropy state, but it currently holds a spinlock across the jent_read_entropy() call. That path performs expensive jitter collection and SHA3 conditioning, so parallel readers can trigger stalls as contending waiters spin for the same lock. To prevent non-preemptible lock hold, replace rng->jent_lock with a mutex so contended readers sleep instead of spinning on a shared lock held across expensive entropy generation.

