Refcount Vulnerability in Linux Kernel's AFS File System
CVE-2026-46100

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 27 May 2026

What is CVE-2026-46100?

A refcount vulnerability in the AFS file system of the Linux kernel allows for refcount increments to leak during allocation failures or merges. This situation arises because the .mmap_prepare() function is invoked in a context where a failure may occur after the refcount is increased, thus failing to properly manage memory references. The Linux kernel has addressed this issue by partially reverting a previous commit, establishing the need for careful handling of memory references in asynchronous operations.

Affected Version(s)

Linux 9d5403b1036cdcd4be0f9f5568612c0e60e73d79

Linux 9d5403b1036cdcd4be0f9f5568612c0e60e73d79 < 48c7a0eaeea41da17d1d84d2d7a4c40be122b246

Linux 9d5403b1036cdcd4be0f9f5568612c0e60e73d79

References

https://git.kernel.org/stable/c/f51f85c044809fbd39ac8ae07...

https://git.kernel.org/stable/c/48c7a0eaeea41da17d1d84d2d...

https://git.kernel.org/stable/c/fbfc6578eaca12daa0c09df1e...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 27, 2026
Vulnerability Reserved
May 13, 2026

CVE-2026-46100 Data

JSON