Memory Management Vulnerability in Linux Kernel by Linux Foundation
CVE-2026-52930

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 24 June 2026

What is CVE-2026-52930?

A vulnerability exists in the Linux kernel's handling of IPC shared memory, specifically in the orphan cleanup process. The function shm_destroy_orphaned() does not properly serialize access to shared memory structures under certain conditions. This oversight allows for potential race conditions, as the attached processes can modify the reference count while another thread checks for orphaned segments. To mitigate this, the shm_may_destroy() validation must occur under the correct locking mechanisms to prevent unauthorized deletion of shared memory segments before the adequate permissions are obtained. This fix reinforces the integrity of the memory management subsystem in Linux, minimizing risks associated with concurrent access to shared memory resources.

Affected Version(s)

Linux 4c677e2eefdba9c5bfc4474e2e91b26ae8458a1d

Linux 4c677e2eefdba9c5bfc4474e2e91b26ae8458a1d < 92cda2593cf2ed25b0e9d78e5e6d8303bba1a064

Linux 4c677e2eefdba9c5bfc4474e2e91b26ae8458a1d < 1f0d01e35dbb228084d5187212e32c91a30dcbeb

References

https://git.kernel.org/stable/c/b1e9aef48e4d8a0c1b54fb913...

https://git.kernel.org/stable/c/92cda2593cf2ed25b0e9d78e5...

https://git.kernel.org/stable/c/1f0d01e35dbb228084d518721...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 24, 2026
Vulnerability Reserved
Jun 9, 2026

CVE-2026-52930 Data

JSON