CVE-2026-45919— Linux kernel 安全漏洞
可能的 ATT&CK 技术 1AI
T1499.002 · Service Exhaustion Flood影响版本矩阵 24
| 厂商 | 产品 | 版本范围 | 状态 |
|---|---|---|---|
| Linux | Linux | 4bdced5c9a2922521e325896a7bbbf0132c94e56< d57d0746276a88ea43a2cc62b849fd8a95e32e41 | affected |
4bdced5c9a2922521e325896a7bbbf0132c94e56< 3b3c672a66db3de3b40f8a7057864bc1f874ede3 | affected | ||
4bdced5c9a2922521e325896a7bbbf0132c94e56< 16ca9f3117e9a294646c897daf08a5ab546c711b | affected | ||
4bdced5c9a2922521e325896a7bbbf0132c94e56< 8ad5577b2d4acfd83f03d97a0aece2d18aac5f07 | affected | ||
4bdced5c9a2922521e325896a7bbbf0132c94e56< a6a73403733e86748421f2eeaf028c85683ef896 | affected | ||
4bdced5c9a2922521e325896a7bbbf0132c94e56< 52aeb1e07ec223caf212f036817976c98d2aa250 | affected | ||
4bdced5c9a2922521e325896a7bbbf0132c94e56< 9f25edc5a20cb52a5abbf25f0724bb4732b81801 | affected | ||
4bdced5c9a2922521e325896a7bbbf0132c94e56< 94894c9c477e53bcea052e075c53f89df3d2a33e | affected | ||
| … +16 条更多 | |||
获取后续新漏洞提醒登录后订阅
一、 漏洞 CVE-2026-45919 基础信息
漏洞信息
对漏洞内容有疑问?看看神龙的深度分析是否有帮助!
查看神龙十问 ↗ 尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
sched/rt: Skip currently executing CPU in rto_next_cpu()
来源: 美国国家漏洞数据库 NVD
Vulnerability Description
In the Linux kernel, the following vulnerability has been resolved: sched/rt: Skip currently executing CPU in rto_next_cpu() CPU0 becomes overloaded when hosting a CPU-bound RT task, a non-CPU-bound RT task, and a CFS task stuck in kernel space. When other CPUs switch from RT to non-RT tasks, RT load balancing (LB) is triggered; with HAVE_RT_PUSH_IPI enabled, they send IPIs to CPU0 to drive the execution of rto_push_irq_work_func. During push_rt_task on CPU0, if next_task->prio < rq->donor->prio, resched_curr() sets NEED_RESCHED and after the push operation completes, CPU0 calls rto_next_cpu(). Since only CPU0 is overloaded in this scenario, rto_next_cpu() should ideally return -1 (no further IPI needed). However, multiple CPUs invoking tell_cpu_to_push() during LB increments rd->rto_loop_next. Even when rd->rto_cpu is set to -1, the mismatch between rd->rto_loop and rd->rto_loop_next forces rto_next_cpu() to restart its search from -1. With CPU0 remaining overloaded (satisfying rt_nr_migratory && rt_nr_total > 1), it gets reselected, causing CPU0 to queue irq_work to itself and send self-IPIs repeatedly. As long as CPU0 stays overloaded and other CPUs run pull_rt_tasks(), it falls into an infinite self-IPI loop, which triggers a CPU hardlockup due to continuous self-interrupts. The trigging scenario is as follows: cpu0 cpu1 cpu2 pull_rt_task tell_cpu_to_push <------------irq_work_queue_on rto_push_irq_work_func push_rt_task resched_curr(rq) pull_rt_task rto_next_cpu tell_cpu_to_push <-------------------------- atomic_inc(rto_loop_next) rd->rto_loop != next rto_next_cpu irq_work_queue_on rto_push_irq_work_func Fix redundant self-IPI by filtering the initiating CPU in rto_next_cpu(). This solution has been verified to effectively eliminate spurious self-IPIs and prevent CPU hardlockup scenarios.
来源: 美国国家漏洞数据库 NVD
CVSS Information
N/A
来源: 美国国家漏洞数据库 NVD
Vulnerability Type
N/A
来源: 美国国家漏洞数据库 NVD
Vulnerability Title
Linux kernel 安全漏洞
来源: 中国国家信息安全漏洞库 CNNVD
Vulnerability Description
Linux kernel是美国Linux基金会的开源操作系统Linux所使用的内核。 Linux kernel存在安全漏洞,该漏洞源于RT调度器中rto_next_cpu函数未跳过当前执行CPU,导致在CPU0过载时,多个CPU触发不必要的IPI,可能影响系统性能。
来源: 中国国家信息安全漏洞库 CNNVD
CVSS Information
N/A
来源: 中国国家信息安全漏洞库 CNNVD
Vulnerability Type
N/A
来源: 中国国家信息安全漏洞库 CNNVD
受影响产品
二、漏洞 CVE-2026-45919 的公开POC
| # | POC 描述 | 源链接 | 神龙链接 |
|---|
AI 生成 POC高级
未找到公开 POC。
登录以生成 AI POC三、漏洞 CVE-2026-45919 的情报信息
请登录查看更多情报信息。
CVE-2026-45919 补丁与修复 (7)
同批安全公告 · Linux · 2026-05-27 · 共 275 条
| CVE-2026-45898 | 9.8 CRITICAL | Linux kernel 安全漏洞 |
| CVE-2026-46039 | 9.8 CRITICAL | Linux kernel 安全漏洞 |
| CVE-2026-45972 | 9.8 CRITICAL | Linux kernel 安全漏洞 |
| CVE-2026-45988 | 9.8 CRITICAL | Linux kernel 安全漏洞 |
| CVE-2026-46043 | 9.1 CRITICAL | Linux kernel 安全漏洞 |
| CVE-2026-45945 | 8.8 HIGH | Linux kernel 安全漏洞 |
| CVE-2026-46056 | 8.8 HIGH | Linux kernel 安全漏洞 |
| CVE-2026-45843 | 8.2 HIGH | Linux kernel 安全漏洞 |
| CVE-2026-46037 | 8.2 HIGH | Linux kernel 安全漏洞 |
| CVE-2026-46010 | 8.1 HIGH | Linux kernel 安全漏洞 |
| CVE-2026-46099 | 8.1 HIGH | Linux kernel 安全漏洞 |
| CVE-2026-46076 | 7.9 HIGH | Linux kernel 安全漏洞 |
| CVE-2026-45959 | 7.8 HIGH | Linux kernel 安全漏洞 |
| CVE-2026-45956 | 7.8 HIGH | Linux kernel 安全漏洞 |
| CVE-2026-45909 | 7.8 HIGH | Linux kernel 安全漏洞 |
| CVE-2026-46093 | 7.8 HIGH | Linux kernel 安全漏洞 |
| CVE-2026-46053 | 7.8 HIGH | Linux kernel 安全漏洞 |
| CVE-2026-45935 | 7.8 HIGH | Linux kernel 安全漏洞 |
| CVE-2026-45862 | 7.8 HIGH | Linux kernel 安全漏洞 |
| CVE-2026-46100 | 7.8 HIGH | Linux kernel 安全漏洞 |
显示前 20 条,共 275 条。 查看全部 → →
IV. Related Vulnerabilities
V. Comments for CVE-2026-45919
暂无评论