CVE-2026-46013

Source
https://cve.org/CVERecord?id=CVE-2026-46013
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2026-46013.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2026-46013
Downstream
Related
Published
2026-05-27T12:56:15.236Z
Modified
2026-06-18T03:57:26.604669194Z
Summary
mm/memfd_luo: fix physical address conversion in put_folios cleanup
Details

In the Linux kernel, the following vulnerability has been resolved:

mm/memfdluo: fix physical address conversion in putfolios cleanup

In memfdluoretrievefolios()'s putfolios cleanup path:

  1. khorestorefolio() expects a physaddrt (physical address) but receives a raw PFN (pfolio->pfn). This causes khorestorepage() to check the wrong physical address (pfn << PAGE_SHIFT instead of the actual physical address).

  2. This loop lacks the !pfolio->pfn check that exists in the main retrieval loop and memfdluodiscard_folios(), which could incorrectly process sparse file holes where pfn=0.

Fix by converting PFN to physical address with PFN_PHYS() and adding the !pfolio->pfn check, matching the pattern used elsewhere in this file.

This issue was identified by the AI review. https://sashiko.dev/#/patchset/20260323110747.193569-1-duanchenghao@kylinos.cn

Database specific
{
    "cna_assigner": "Linux",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/46xxx/CVE-2026-46013.json"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
b3749f174d686627f702234e64bad976dc432dbc
Fixed
bd0d6bde286a2b8e3ae7975b0dcc2d43875d5fc9
Fixed
3538f90ab89aaf302782b4b073a0aae66904cd67

Database specific

source
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2026-46013.json"

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
6.19.0
Fixed
7.0.4

Database specific

source
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2026-46013.json"