CVE-2026-46054
Severity CVSS v4.0: Pending analysis
Type: Unavailable / Other
Publication date: 27/05/2026
Last modified: 30/06/2026
Description
In the Linux kernel, the following vulnerability has been resolved:

selinux: fix overlayfs mmap() and mprotect() access checks

The existing SELinux security model for overlayfs is to allow access if
the current task is able to access the top level file (the "user" file)
and the mounter's credentials are sufficient to access the lower
level file (the "backing" file). Unfortunately, the current code does
not properly enforce these access controls for both mmap() and mprotect()
operations on overlayfs filesystems.

This patch makes use of the newly created security_mmap_backing_file()
LSM hook to provide the missing backing file enforcement for mmap()
operations, and leverages the backing file API and new LSM blob to
provide the necessary information to properly enforce the mprotect()
access controls.
Impact
Base Score 3.x: 7.10
Severity 3.x: HIGH
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 4.19 (including) | 7.0.4 (excluding) |
References to Advisories, Solutions, and Tools
- https://git.kernel.org/stable/c/82544d36b1729153c8aeb179e84750f0c085d3b1
- https://git.kernel.org/stable/c/cd0e707a927a70cdfd8bc5a512a9719a87f5ed51
- https://access.redhat.com/errata/RHSA-2026:25191
- https://access.redhat.com/errata/RHSA-2026:27811
- https://access.redhat.com/errata/RHSA-2026:27812
- https://access.redhat.com/errata/RHSA-2026:30848
- https://access.redhat.com/security/cve/CVE-2026-46054
- https://bugzilla.redhat.com/show_bug.cgi?id=2482025
- https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-46054.json



