CVE-2026-46017
Severity CVSS v4.0:
Pending analysis
Type:
CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
Publication date:
27/05/2026
Last modified:
16/06/2026
Description
In the Linux kernel, the following vulnerability has been resolved:<br />
<br />
mm: fix deferred split queue races during migration<br />
<br />
migrate_folio_move() records the deferred split queue state from src and<br />
replays it on dst. Replaying it after remove_migration_ptes(src, dst, 0)<br />
makes dst visible before it is requeued, so a concurrent rmap-removal path<br />
can mark dst partially mapped and trip the WARN in deferred_split_folio().<br />
<br />
Move the requeue before remove_migration_ptes() so dst is back on the<br />
deferred split queue before it becomes visible again.<br />
<br />
Because migration still holds dst locked at that point, teach<br />
deferred_split_scan() to requeue a folio when folio_trylock() fails. <br />
Otherwise a fully mapped underused folio can be dequeued by the shrinker<br />
and silently lost from split_queue.<br />
<br />
[ziy@nvidia.com: move the comment]
Impact
Base Score 3.x
4.70
Severity 3.x
MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 7.0.4 (excluding) |
To consult the complete list of CPE names with products and versions, see this page



