Use-after-free in Linux kernel - CVE-2026-46173
Published: May 29, 2026
Vulnerability identifier: #VU133029
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2026-46173
CWE-ID: CWE-416
Exploitation vector: Local access
Exploit availability:
No public exploit available
Vendor: Linux Foundation
Affected software:
Linux kernel
Linux kernel
Detailed vulnerability description
The vulnerability allows a local user to cause memory corruption.
The vulnerability exists due to use-after-free in make_task_dead()/do_task_dead() task exit handling when an already-exiting task oopses during task exit. A local user can trigger an oops in a file_operations::release handler to cause memory corruption.
This can result in two tasks running on the same stack.
How to mitigate CVE-2026-46173
Install security update from vendor's repository.
Sources
- https://git.kernel.org/stable/c/640b4c00fb0e2920327435f6176cbefc3c546165
- https://git.kernel.org/stable/c/6f49f94f3b11fe8bff1bf2a054143789e76aaf17
- https://git.kernel.org/stable/c/7b2800ba5f5f77a8ee7f4cbadb19cf1264597a34
- https://git.kernel.org/stable/c/9756b3db5db6c2f5eccb32dddbd88eb4c54f575e
- https://git.kernel.org/stable/c/c1fa0bb633e4a6b11e83ffc57fa5abe8ebb87891