CVE-2026-46157— Linux kernel 安全漏洞
Possible ATT&CK Techniques 1AI
T1059.007 · JavaScriptAffected Version Matrix 10
| ベンダー | プロダクト | Version Range | ステータス |
|---|---|---|---|
| Linux | Linux | 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2< 49f9d048845be874df7997e4b1ce662de450c4b6 | affected |
1da177e4c3f41524e886b7f1b8a0c1fc7321cac2< ac3e9b55b7da6f0be51720bd330a0edc1a8b61f1 | affected | ||
1da177e4c3f41524e886b7f1b8a0c1fc7321cac2< 6b01c1bc9a4748ab37548a700a8aaff910e298e6 | affected | ||
1da177e4c3f41524e886b7f1b8a0c1fc7321cac2< 901ac0ff15edf9503162e2cf6579bd11a30f1ed4 | affected | ||
2.6.12 | affected | ||
< 2.6.12 | unaffected | ||
6.12.88≤ 6.12.* | unaffected | ||
6.18.30≤ 6.18.* | unaffected | ||
| … +2 more rows | |||
新しい脆弱性情報の通知を購読するログインして購読
I. CVE-2026-46157の基本情報
脆弱性情報
脆弱性についてご質問がありますか?Shenlongの分析が参考になるかご確認ください!
Shenlongの10の質問を表示 ↗ 高度な大規模言語モデル技術を使用していますが、出力には不正確または古い情報が含まれる可能性があります。Shenlongはデータの正確性を確保するよう努めていますが、実際の状況に基づいて検証・判断してください。
脆弱性タイトル
ALSA: pcm: oss: Fix data race at accessing runtime.oss.trigger
ソース: NVD (National Vulnerability Database)
脆弱性説明
In the Linux kernel, the following vulnerability has been resolved: ALSA: pcm: oss: Fix data race at accessing runtime.oss.trigger Currently the runtime.oss.trigger field may be accessed concurrently without protection, which may lead to the data race. And, in this case, it may lead to more severe problem because it's a bit field; as writing the data, it may overwrite other bit fields as well, which confuses the operation completely, as spotted by fuzzing. Fix it by covering runtime.oss.trigger bit fled also with the existing params_lock mutex in both snd_pcm_oss_get_trigger() and snd_pcm_oss_poll().
ソース: NVD (National Vulnerability Database)
CVSS情報
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
ソース: NVD (National Vulnerability Database)
脆弱性タイプ
N/A
ソース: NVD (National Vulnerability Database)
脆弱性タイトル
Linux kernel 安全漏洞
ソース: CNNVD (China National Vulnerability Database)
脆弱性説明
Linux kernel是美国Linux基金会的开源操作系统Linux所使用的内核。 Linux kernel存在安全漏洞,该漏洞源于ALSA pcm oss中runtime.oss.trigger字段存在数据竞争,可能导致操作混乱。
ソース: CNNVD (China National Vulnerability Database)
CVSS情報
N/A
ソース: CNNVD (China National Vulnerability Database)
脆弱性タイプ
N/A
ソース: CNNVD (China National Vulnerability Database)
影響を受ける製品
II. CVE-2026-46157の公開POC
| # | POC説明 | ソースリンク | Shenlongリンク |
|---|
AI生成POCプレミアム
公開POCは見つかりませんでした。
ログインしてAI POCを生成III. CVE-2026-46157のインテリジェンス情報
请登录查看更多情报信息。
CVE-2026-46157 补丁与修复 (4)
Same Patch Batch · Linux · 2026-05-28 · 138 CVEs total
| CVE-2026-46135 | 9.8 CRITICAL | nvmet-tcp: fix race between ICReq handling and queue teardown |
| CVE-2026-46137 | 9.8 CRITICAL | mptcp: pm: ADD_ADDR rtx: fix potential data-race |
| CVE-2026-46115 | 9.8 CRITICAL | block: add pgmap check to biovec_phys_mergeable |
| CVE-2026-46195 | 9.8 CRITICAL | smb: client: validate dacloffset before building DACL pointers |
| CVE-2026-46155 | 9.1 CRITICAL | smb/client: fix out-of-bounds read in smb2_compound_op() |
| CVE-2026-46185 | 9.1 CRITICAL | smb/client: fix out-of-bounds read in symlink_data() |
| CVE-2026-46119 | 9.1 CRITICAL | libceph: Fix slab-out-of-bounds access in auth message processing |
| CVE-2026-46238 | 8.8 HIGH | batman-adv: stop caching unowned originator pointers in BAT IV |
| CVE-2026-46152 | 8.8 HIGH | wifi: mac80211: drop stray 'static' from fast-RX rx_result |
| CVE-2026-46212 | 8.8 HIGH | batman-adv: bla: prevent use-after-free when deleting claims |
| CVE-2026-46166 | 8.8 HIGH | wifi: mac80211: use safe list iteration in radar detect work |
| CVE-2026-46174 | 8.8 HIGH | x86/CPU/AMD: Prevent improper isolation of shared resources in Zen2's op cache |
| CVE-2026-46113 | 8.8 HIGH | KVM: x86: Fix shadow paging use-after-free due to unexpected GFN |
| CVE-2026-46125 | 8.8 HIGH | wifi: mac80211: remove station if connection prep fails |
| CVE-2026-46198 | 8.8 HIGH | batman-adv: fix integer overflow on buff_pos |
| CVE-2026-46138 | 8.1 HIGH | Bluetooth: hci_event: Fix OOB read and infinite loop in hci_le_create_big_complete_evt |
| CVE-2026-46232 | 8.1 HIGH | HID: playstation: Clamp num_touch_reports |
| CVE-2026-46210 | 7.8 HIGH | media: iris: fix use-after-free of fmt_src during MBPF check |
| CVE-2026-46215 | 7.8 HIGH | drm: Set old handle to NULL before prime swap in change_handle |
| CVE-2026-46145 | 7.8 HIGH | RDMA/mana: Validate rx_hash_key_len |
Showing 20 of 138 CVEs. View all on vendor page →
IV. 関連脆弱性
同じ製品: Linux
- CVE-2026-46242
eventpoll: fix ep_remove struct eventpoll / struct file UAF - CVE-2026-46241
spi: mpc52xx: fix use-after-free on registration failure - CVE-2026-46239
media: i2c: ov5647: Fix runtime PM refcount leak in s_ctrl - CVE-2026-46240
media: iris: Fix use-after-free in iris_release_internal_buf - CVE-2026-46238
batman-adv: stop caching unowned originator pointers in BAT
同じベンダー: Linux
- CVE-2026-46242
eventpoll: fix ep_remove struct eventpoll / struct file UAF - CVE-2026-46241
spi: mpc52xx: fix use-after-free on registration failure - CVE-2026-46239
media: i2c: ov5647: Fix runtime PM refcount leak in s_ctrl - CVE-2026-46240
media: iris: Fix use-after-free in iris_release_internal_buf - CVE-2026-46238
batman-adv: stop caching unowned originator pointers in BAT
V. CVE-2026-46157へのコメント
まだコメントはありません