ГлавнаяУязвимости → CVE-2026-46150
7.1высокая

CVE-2026-46150

Описание

In the Linux kernel, the following vulnerability has been resolved: fanotify: fix false positive on permission events fsnotify_get_mark_safe() may return false for a mark on an unrelated group, which results in bypassing the permission check. Fix by skipping over detached marks that are not in the current group.

Затрагиваемое ПО
Linux Linux kernel
CVSS
Балл7.1 — высокая
ВекторCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
Источники
https://git.kernel.org/stable/c/04bb66be92f48ed13c3faf1139d892df228789bchttps://git.kernel.org/stable/c/4a7611ad653785fcdea5ff5f4441e2b7d05b7f11https://git.kernel.org/stable/c/7746e3bd4cc19b5092e00d32d676e329bfcb6900https://git.kernel.org/stable/c/7baa02b0ae9d17ec5f08836d8ea88ce1927d0678https://git.kernel.org/stable/c/895ebbedf88318607c24acc0f591c74b165e1d0ahttps://git.kernel.org/stable/c/a24765332e129c1916d5a6615418b75599b8fcdchttps://git.kernel.org/stable/c/b7b24b28c8cd55844cab908f4f39dded638d5538https://git.kernel.org/stable/c/f130790f1acc8399f32652846c875a251efd040f