7.1
CVE-2026-46150
- EPSS 0.14%
- Veröffentlicht 28.05.2026 09:36:06
- Zuletzt bearbeitet 09.06.2026 21:06:10
- Quelle 416baaa9-dc9f-4396-8d5f-8c081f
- CVE-Watchlists
- Unerledigt
fanotify: fix false positive on permission events
In the Linux kernel, the following vulnerability has been resolved: fanotify: fix false positive on permission events fsnotify_get_mark_safe() may return false for a mark on an unrelated group, which results in bypassing the permission check. Fix by skipping over detached marks that are not in the current group.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version >= 4.12 < 5.10.258
Linux ≫ Linux Kernel Version >= 5.11 < 5.15.209
Linux ≫ Linux Kernel Version >= 5.16 < 6.1.175
Linux ≫ Linux Kernel Version >= 6.2 < 6.6.140
Linux ≫ Linux Kernel Version >= 6.7 < 6.12.88
Linux ≫ Linux Kernel Version >= 6.13 < 6.18.30
Linux ≫ Linux Kernel Version >= 6.19 < 7.0.7
Linux ≫ Linux Kernel Version7.1 Updaterc1
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.14% | 0.038 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| 416baaa9-dc9f-4396-8d5f-8c081fb06d67 | 7.1 | 1.8 | 5.2 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
|
https://git.kernel.org/stable/c/895ebbedf88318607c24acc0f591c74b165e1d0a
https://git.kernel.org/stable/c/f130790f1acc8399f32652846c875a251efd040f
https://git.kernel.org/stable/c/7baa02b0ae9d17ec5f08836d8ea88ce1927d0678
https://git.kernel.org/stable/c/b7b24b28c8cd55844cab908f4f39dded638d5538
https://git.kernel.org/stable/c/7746e3bd4cc19b5092e00d32d676e329bfcb6900
https://git.kernel.org/stable/c/04bb66be92f48ed13c3faf1139d892df228789bc
https://git.kernel.org/stable/c/4a7611ad653785fcdea5ff5f4441e2b7d05b7f11
https://git.kernel.org/stable/c/a24765332e129c1916d5a6615418b75599b8fcdc