CVE-2026-23056

In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> uacce: implement mremap in uacce_vm_ops to return -EPERM<br /> <br /> The current uacce_vm_ops does not support the mremap operation of<br /> vm_operations_struct. Implement .mremap to return -EPERM to remind<br /> users.<br /> <br /> The reason we need to explicitly disable mremap is that when the<br /> driver does not implement .mremap, it uses the default mremap<br /> method. This could lead to a risk scenario:<br /> <br /> An application might first mmap address p1, then mremap to p2,<br /> followed by munmap(p1), and finally munmap(p2). Since the default<br /> mremap copies the original vma&amp;#39;s vm_private_data (i.e., q) to the<br /> new vma, both munmap operations would trigger vma_close, causing<br /> q-&gt;qfr to be freed twice(qfr will be set to null here, so repeated<br /> release is ok).