CVE-2026-46100

Summary

In the Linux kernel, the following vulnerability has been resolved:

fs: afs: revert mmap_prepare() change

Partially reverts commit 9d5403b1036c ("fs: convert most other generic_file_*mmap() users to .mmap_prepare()").

This is because the .mmap invocation establishes a refcount, but .mmap_prepare is called at a point where a merge or an allocation failure might happen after the call, which would leak the refcount increment.

Functionality is being added to permit the use of .mmap_prepare in this case, but in the interim, we need to fix this.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux9d5403b1036cdcd4be0f9f5568612c0e60e73d79 < f51f85c044809fbd39ac8ae07ac99bc43ce32bd5affected
LinuxLinux9d5403b1036cdcd4be0f9f5568612c0e60e73d79 < 48c7a0eaeea41da17d1d84d2d7a4c40be122b246affected
LinuxLinux9d5403b1036cdcd4be0f9f5568612c0e60e73d79 < fbfc6578eaca12daa0c09df1e9ba7f2c657b49daaffected
LinuxLinux6.17affected
LinuxLinux0 < 6.17unaffected
LinuxLinux6.18.27 <= 6.18.*unaffected
LinuxLinux7.0.4 <= 7.0.*unaffected
LinuxLinux7.1 <= *unaffected

Weaknesses

References