CVE-2026-46137— Linux kernel 安全漏洞
Possible ATT&CK Techniques 1AI
T1068 · Exploitation for Privilege EscalationAffected Version Matrix 12
| ベンダー | プロダクト | Version Range | ステータス |
|---|---|---|---|
| Linux | Linux | 00cfd77b9063dcdf3628a7087faba60de85a9cc8< 013dcdc1961543b9a3433466bc8c79a2f4ca75b5 | affected |
00cfd77b9063dcdf3628a7087faba60de85a9cc8< 6e4710d7d8782cb61af29a7e7111ddfc38b9e1a3 | affected | ||
00cfd77b9063dcdf3628a7087faba60de85a9cc8< 2ad56e434199ca24a812bb353667aa1c3860f513 | affected | ||
00cfd77b9063dcdf3628a7087faba60de85a9cc8< cc3c0399361efaaf7ae64262eb3f70829b1189c6 | affected | ||
00cfd77b9063dcdf3628a7087faba60de85a9cc8< 5cd6e0ad79d2615264f63929f8b457ad97ae550d | affected | ||
5.10 | affected | ||
< 5.10 | unaffected | ||
6.6.141≤ 6.6.* | unaffected | ||
| … +4 more rows | |||
新しい脆弱性情報の通知を購読するログインして購読
I. CVE-2026-46137の基本情報
脆弱性情報
脆弱性についてご質問がありますか?Shenlongの分析が参考になるかご確認ください!
Shenlongの10の質問を表示 ↗ 高度な大規模言語モデル技術を使用していますが、出力には不正確または古い情報が含まれる可能性があります。Shenlongはデータの正確性を確保するよう努めていますが、実際の状況に基づいて検証・判断してください。
脆弱性タイトル
mptcp: pm: ADD_ADDR rtx: fix potential data-race
ソース: NVD (National Vulnerability Database)
脆弱性説明
In the Linux kernel, the following vulnerability has been resolved: mptcp: pm: ADD_ADDR rtx: fix potential data-race This mptcp_pm_add_timer() helper is executed as a timer callback in softirq context. To avoid any data races, the socket lock needs to be held with bh_lock_sock(). If the socket is in use, retry again soon after, similar to what is done with the keepalive timer.
ソース: NVD (National Vulnerability Database)
CVSS情報
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
ソース: NVD (National Vulnerability Database)
脆弱性タイプ
N/A
ソース: NVD (National Vulnerability Database)
脆弱性タイトル
Linux kernel 安全漏洞
ソース: CNNVD (China National Vulnerability Database)
脆弱性説明
Linux kernel是美国Linux基金会的开源操作系统Linux所使用的内核。 Linux kernel存在安全漏洞,该漏洞源于mptcp pm中ADD_ADDR重传定时器存在数据竞争,可能导致状态不一致。
ソース: CNNVD (China National Vulnerability Database)
CVSS情報
N/A
ソース: CNNVD (China National Vulnerability Database)
脆弱性タイプ
N/A
ソース: CNNVD (China National Vulnerability Database)
影響を受ける製品
II. CVE-2026-46137の公開POC
| # | POC説明 | ソースリンク | Shenlongリンク |
|---|
AI生成POCプレミアム
公開POCは見つかりませんでした。
ログインしてAI POCを生成III. CVE-2026-46137のインテリジェンス情報
请登录查看更多情报信息。
CVE-2026-46137 补丁与修复 (5)
Same Patch Batch · Linux · 2026-05-28 · 138 CVEs total
| CVE-2026-46135 | 9.8 CRITICAL | nvmet-tcp: fix race between ICReq handling and queue teardown |
| CVE-2026-46115 | 9.8 CRITICAL | block: add pgmap check to biovec_phys_mergeable |
| CVE-2026-46195 | 9.8 CRITICAL | smb: client: validate dacloffset before building DACL pointers |
| CVE-2026-46155 | 9.1 CRITICAL | smb/client: fix out-of-bounds read in smb2_compound_op() |
| CVE-2026-46185 | 9.1 CRITICAL | smb/client: fix out-of-bounds read in symlink_data() |
| CVE-2026-46119 | 9.1 CRITICAL | libceph: Fix slab-out-of-bounds access in auth message processing |
| CVE-2026-46238 | 8.8 HIGH | batman-adv: stop caching unowned originator pointers in BAT IV |
| CVE-2026-46152 | 8.8 HIGH | wifi: mac80211: drop stray 'static' from fast-RX rx_result |
| CVE-2026-46166 | 8.8 HIGH | wifi: mac80211: use safe list iteration in radar detect work |
| CVE-2026-46212 | 8.8 HIGH | batman-adv: bla: prevent use-after-free when deleting claims |
| CVE-2026-46174 | 8.8 HIGH | x86/CPU/AMD: Prevent improper isolation of shared resources in Zen2's op cache |
| CVE-2026-46125 | 8.8 HIGH | wifi: mac80211: remove station if connection prep fails |
| CVE-2026-46113 | 8.8 HIGH | KVM: x86: Fix shadow paging use-after-free due to unexpected GFN |
| CVE-2026-46198 | 8.8 HIGH | batman-adv: fix integer overflow on buff_pos |
| CVE-2026-46138 | 8.1 HIGH | Bluetooth: hci_event: Fix OOB read and infinite loop in hci_le_create_big_complete_evt |
| CVE-2026-46232 | 8.1 HIGH | HID: playstation: Clamp num_touch_reports |
| CVE-2026-46215 | 7.8 HIGH | drm: Set old handle to NULL before prime swap in change_handle |
| CVE-2026-46157 | 7.8 HIGH | ALSA: pcm: oss: Fix data race at accessing runtime.oss.trigger |
| CVE-2026-46173 | 7.8 HIGH | exit: prevent preemption of oopsing TASK_DEAD task |
| CVE-2026-46210 | 7.8 HIGH | media: iris: fix use-after-free of fmt_src during MBPF check |
Showing 20 of 138 CVEs. View all on vendor page →
IV. 関連脆弱性
同じ製品: Linux
- CVE-2026-46242
eventpoll: fix ep_remove struct eventpoll / struct file UAF - CVE-2026-46241
spi: mpc52xx: fix use-after-free on registration failure - CVE-2026-46239
media: i2c: ov5647: Fix runtime PM refcount leak in s_ctrl - CVE-2026-46240
media: iris: Fix use-after-free in iris_release_internal_buf - CVE-2026-46238
batman-adv: stop caching unowned originator pointers in BAT
同じベンダー: Linux
- CVE-2026-46242
eventpoll: fix ep_remove struct eventpoll / struct file UAF - CVE-2026-46241
spi: mpc52xx: fix use-after-free on registration failure - CVE-2026-46239
media: i2c: ov5647: Fix runtime PM refcount leak in s_ctrl - CVE-2026-46240
media: iris: Fix use-after-free in iris_release_internal_buf - CVE-2026-46238
batman-adv: stop caching unowned originator pointers in BAT
V. CVE-2026-46137へのコメント
まだコメントはありません