CVE-2026-46168

Sažetak

In the Linux kernel, the following vulnerability has been resolved: mptcp: fix scheduling with atomic in timestamp sockopt Using lock_sock_fast() (atomic context) around sock_set_timestamp() and sock_set_timestamping() is unsafe, as both helpers can sleep. Replace lock_sock_fast() with sleepable lock_sock()/release_sock() to avoid scheduling while atomic panic.

Reference

https://git.kernel.org/stable/c/0949d8bbbedbafe0136a1723c41eb823c2f1e09d
https://git.kernel.org/stable/c/7eb513b42721bee4b96da69f6188d5a7783f210d
https://git.kernel.org/stable/c/8a005fe451c73fd2b3d1faa5643c11e6bd07acfc
https://git.kernel.org/stable/c/b157dab93a7af44a84e78cf0cb311dde475cff5b
https://git.kernel.org/stable/c/b5c52908d52c6c8eb8933264aa6087a0600fd892
https://git.kernel.org/stable/c/e792cfb6aeaf65612cdf8e3ac431d65e66283654
https://git.kernel.org/stable/c/ebeb70e29e37cfce899309cc2665a3bfe960ed94

CVSS

Base:	5.5
Impact:	3.6
Exploitability:	1.8

Pristup

Vektor	Složenost	Autentikacija
LOCAL	LOW	LOW

Impact

Povjerljivost	Cjelovitost	Dostupnost
NONE	NONE	HIGH

CVSS vektor

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Zadnje važnije ažuriranje

10-06-2026 - 21:14

Objavljeno

28-05-2026 - 10:16