CVE-2026-46100

HIGH

fs: afs: revert mmap_prepare() change

Title source: cna
STIX 2.1

Description

In the Linux kernel, the following vulnerability has been resolved: fs: afs: revert mmap_prepare() change Partially reverts commit 9d5403b1036c ("fs: convert most other generic_file_*mmap() users to .mmap_prepare()"). This is because the .mmap invocation establishes a refcount, but .mmap_prepare is called at a point where a merge or an allocation failure might happen after the call, which would leak the refcount increment. Functionality is being added to permit the use of .mmap_prepare in this case, but in the interim, we need to fix this.

Scores

CVSS v3 7.8
EPSS 0.0013
EPSS Percentile 2.8%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

Status published
Products (12)
linux/Kernel 6.17.0 - 6.18.27linux
linux/Kernel 6.19.0 - 7.0.4linux
Linux/Linux < 6.17
Linux/Linux 6.17
Linux/Linux 6.18.27 - 6.18.*
Linux/Linux 7.0.4 - 7.0.*
Linux/Linux 7.1
Linux/Linux 7.1-rc1
Linux/Linux 9d5403b1036cdcd4be0f9f5568612c0e60e73d79 - 48c7a0eaeea41da17d1d84d2d7a4c40be122b246
Linux/Linux 9d5403b1036cdcd4be0f9f5568612c0e60e73d79 - f51f85c044809fbd39ac8ae07ac99bc43ce32bd5
... and 2 more
Published May 27, 2026
Tracked Since May 27, 2026