RCU Protection Issue in Linux Kernel Affecting Task Management
CVE-2026-46259

7.8HIGH

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 3 June 2026

What is CVE-2026-46259?

A vulnerability in the Linux kernel allows improper handling of task management data due to insufficient RCU protection when accessing the real_parent of a task. This flaw can lead to scenarios where a user-after-free (UAF) condition occurs, potentially enabling an attacker to exploit the system through crafted task interactions. A patch has been implemented that replaces the problematic access method with a version that includes proper RCU protection, thus mitigating the risk associated with this executable path.

Affected Version(s)

Linux 06fffb1267c9d986687b69d74a46ee332a50575e

Linux 06fffb1267c9d986687b69d74a46ee332a50575e < 1c8dc5b5517546c68ffae40b948336122bb61306

References

https://git.kernel.org/stable/c/fefa0fcd78be465b7ad4c497f...

https://git.kernel.org/stable/c/c93a33f28f915d446eea6fb3f...

https://git.kernel.org/stable/c/1c8dc5b5517546c68ffae40b9...

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 3, 2026
Vulnerability Reserved
May 13, 2026

CVE-2026-46259 Data

JSON