CVE-2026-46302

Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
08/06/2026
Last modified:
08/07/2026

Description

In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> selinux: allow multiple opens of /sys/fs/selinux/policy<br /> <br /> Currently there can only be a single open of /sys/fs/selinux/policy at<br /> any time. This allows any process to block any other process from<br /> reading the kernel policy. The original motivation seems to have been<br /> a mix of preventing an inconsistent view of the policy size and<br /> preventing userspace from allocating kernel memory without bound, but<br /> this is arguably equally bad. Eliminate the policy_opened flag and<br /> shrink the critical section that the policy mutex is held. While we<br /> are making changes here, drop a couple of extraneous BUG_ONs.

Vulnerable products and versions

CPE From Up to
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* 2.6.37 (including) 7.0.7 (excluding)
cpe:2.3:o:linux:linux_kernel:7.1:rc1:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:7.1:rc2:*:*:*:*:*:*