CVE-2026-46017

Severity CVSS v4.0:
Pending analysis
Type:
CWE-362 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
Publication date:
27/05/2026
Last modified:
16/06/2026

Description

In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> mm: fix deferred split queue races during migration<br /> <br /> migrate_folio_move() records the deferred split queue state from src and<br /> replays it on dst. Replaying it after remove_migration_ptes(src, dst, 0)<br /> makes dst visible before it is requeued, so a concurrent rmap-removal path<br /> can mark dst partially mapped and trip the WARN in deferred_split_folio().<br /> <br /> Move the requeue before remove_migration_ptes() so dst is back on the<br /> deferred split queue before it becomes visible again.<br /> <br /> Because migration still holds dst locked at that point, teach<br /> deferred_split_scan() to requeue a folio when folio_trylock() fails. <br /> Otherwise a fully mapped underused folio can be dequeued by the shrinker<br /> and silently lost from split_queue.<br /> <br /> [ziy@nvidia.com: move the comment]

Vulnerable products and versions

CPE From Up to
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* 7.0.4 (excluding)