CVE-2026-46017

Published: May 27, 2026

Modified: May 27, 2026

PUBLISHED

Description

In the Linux kernel, the following vulnerability has been resolved: mm: fix deferred split queue races during migration migrate_folio_move() records the deferred split queue state from src and replays it on dst. Replaying it after remove_migration_ptes(src, dst, 0) makes dst visible before it is requeued, so a concurrent rmap-removal path can mark dst partially mapped and trip the WARN in deferred_split_folio(). Move the requeue before remove_migration_ptes() so dst is back on the deferred split queue before it becomes visible again. Because migration still holds dst locked at that point, teach deferred_split_scan() to requeue a folio when folio_trylock() fails. Otherwise a fully mapped underused folio can be dequeued by the shrinker and silently lost from split_queue. [[email protected]: move the comment]

Vendor	Product	Versions
Linux	Linux	affected `1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - < cbf75cf212ee6e499abc1757fb4b5ae6d70ed0aa` affected `1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - < 3bac01168982ec3e3bf87efdc1807c7933590a85` affected `0 - < 7.0.4`
Linux	Linux	unaffected `7.0.4 - <= 7.0.` unaffected `7.1-rc1 - <= `

References

https://git.kernel.org/stable/c/cbf75cf212ee6e499abc1757fb4b5ae6d70ed0aa

https://git.kernel.org/stable/c/3bac01168982ec3e3bf87efdc1807c7933590a85

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2026-46017

Description

Affected Products

References