CVE-2026-46318— Linux内核hugetlbfs回滚mmap_prepare导致的内存映射漏洞
可能的 ATT&CK 技术 1AI
T1190 · Exploit Public-Facing Application获取后续新漏洞提醒登录后订阅
一、 漏洞 CVE-2026-46318 基础信息
漏洞信息
对漏洞内容有疑问?看看神龙的深度分析是否有帮助!
查看神龙十问 ↗ 尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
Revert "mm/hugetlbfs: update hugetlbfs to use mmap_prepare"
来源: 美国国家漏洞数据库 NVD
Vulnerability Description
In the Linux kernel, the following vulnerability has been resolved: Revert "mm/hugetlbfs: update hugetlbfs to use mmap_prepare" This reverts commit ea52cb24cd3f ("mm/hugetlbfs: update hugetlbfs to use mmap_prepare") with conflict resolution to account for changes in commit ea52cb24cd3f ("mm/hugetlbfs: update hugetlbfs to use mmap_prepare"). The patch incorrectly handled hugetlb VMA lock allocation at the mmap_prepare stage, where a failed allocation occurring after mmap_prepare is called might result in the lock leaking. There is no risk of a merge causing a similar issues, as VMA_DONTEXPAND_BIT is set for hugetlb mappings. As a first step in addressing this issue, simply revert the change so we can rework how we do this having corrected the underlying issues. We maintain the VMA flags changes as best we can, accounting for the fact that we were working with a VMA descriptor previously and propagating like-for-like changes for this. Note that we invoke vma_set_flags() and do not call vma_start_write() as vm_flags_set() does. This is OK as it's being done in an .mmap hook where the VMA is not yet linked into the tree so nobody else can be accessing it.
来源: 美国国家漏洞数据库 NVD
CVSS Information
N/A
来源: 美国国家漏洞数据库 NVD
Vulnerability Type
N/A
来源: 美国国家漏洞数据库 NVD
受影响产品
二、漏洞 CVE-2026-46318 的公开POC
| # | POC 描述 | 源链接 | 神龙链接 |
|---|
AI 生成 POC高级
未找到公开 POC。
登录以生成 AI POC三、漏洞 CVE-2026-46318 的情报信息
请登录查看更多情报信息。
CVE-2026-46318 补丁与修复 (2)
同批安全公告 · Linux · 2026-06-09 · 共 21 条
| CVE-2026-46325 | RDMA/rxe: MR页面大小非PAGE_SIZE时iov转va漏洞 | |
| CVE-2026-46315 | io_uring/waitid 漏洞未清理等待信息 | |
| CVE-2026-46316 | KVM ARM64 vgic-its 缓存引用释放漏洞 | |
| CVE-2026-46317 | KVM arm64 嵌套mmus数组重分配漏洞 | |
| CVE-2026-46319 | Linux内核网络调度act_ct模块释放RCU读锁时机不当 | |
| CVE-2026-46320 | tap_get_user_xdp 错误路径未释放页面漏洞 | |
| CVE-2026-46321 | tun模块在tun_xdp_one()中释放短帧拒绝页面的漏洞 | |
| CVE-2026-46322 | Linux TUN模块内存释放漏洞 | |
| CVE-2026-46323 | Linux内核网络 GRO Zcopy合并漏洞 | |
| CVE-2026-46324 | Netfilter nf_tables 使用 list_del_rcu 处理 netlink 钩子 | |
| CVE-2026-52907 | Rockchip RKCIF 媒体驱动存在越界错误漏洞 | |
| CVE-2026-46326 | Linux内核压力传感器驱动SPI传输结构初始化漏洞 | |
| CVE-2026-46327 | dm_suspended_md 解锁测试漏洞 | |
| CVE-2026-46328 | AppArmor Posix CPU定时器RLimit漏洞 | |
| CVE-2026-46330 | Linux 内核 net/smc TCP ULP 支持漏洞 | |
| CVE-2026-46329 | erofs 文件挂载时正确处理方法结尾 | |
| CVE-2026-46332 | Greybus GB-BeaglePlay 缓冲区绑定漏洞 | |
| CVE-2026-52904 | Nouveau驱动 nvkm_device在窗口移除失败时泄露漏洞 | |
| CVE-2026-52905 | DAMON 核心模块不允许非 2 的幂次方最小区域大小 | |
| CVE-2026-52906 | 9p 访问模式标志错误按位或替换 |
IV. Related Vulnerabilities
V. Comments for CVE-2026-46318
暂无评论