CVE-2026-46051

Source
https://cve.org/CVERecord?id=CVE-2026-46051
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2026-46051.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2026-46051
Downstream
Related
Published
2026-05-27T12:57:09.274Z
Modified
2026-06-18T03:57:20.579711970Z
Summary
md/raid5: fix soft lockup in retry_aligned_read()
Details

In the Linux kernel, the following vulnerability has been resolved:

md/raid5: fix soft lockup in retryalignedread()

When retryalignedread() encounters an overlapped stripe, it releases the stripe via raid5releasestripe() which puts it on the lockless releasedstripes llist. In the next raid5d loop iteration, releasestripelist() drains the stripe onto handlelist (since STRIPEHANDLE is set by the original IO), but retryalignedread() runs before handleactivestripes() and removes the stripe from handlelist via findgetstripe() -> listdelinit(). This prevents handle_stripe() from ever processing the stripe to resolve the overlap, causing an infinite loop and soft lockup.

Fix this by using _releasestripe() with tempinactivelist instead of raid5releasestripe() in the failure path, so the stripe does not go through the releasedstripes llist. This allows raid5d to break out of its loop, and the overlap will be resolved when the stripe is eventually processed by handlestripe().

Database specific
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/46xxx/CVE-2026-46051.json",
    "cna_assigner": "Linux"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
773ca82fa1ee58dd1bf88b6a5ca385ec83a2cac6
Fixed
66df9f30673db66ac35145820a8e24906069ae57
Fixed
4166d5234fe8b6c3c7f796a6c198605356c5b355
Fixed
a9055300e07d9d6800264d3c2560e1d0144689ca
Fixed
09880592f5a9dc73377d6eb5ac123537b5f8df49
Fixed
80fc6ca2cbde018d52e13f305edcd643911bd94b
Fixed
1985cb3247e87ff6b8ca4bc5f9626f4f51024507
Fixed
883cc33b7af1c448663287f069ef9dfea001e90f
Fixed
7f9f7c697474268d9ef9479df3ddfe7cdcfbbffc

Database specific

source
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2026-46051.json"

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
3.12.0
Fixed
5.10.258
Type
ECOSYSTEM
Events
Introduced
5.11.0
Fixed
5.15.209
Type
ECOSYSTEM
Events
Introduced
5.16.0
Fixed
6.1.175
Type
ECOSYSTEM
Events
Introduced
6.2.0
Fixed
6.6.140
Type
ECOSYSTEM
Events
Introduced
6.7.0
Fixed
6.12.86
Type
ECOSYSTEM
Events
Introduced
6.13.0
Fixed
6.18.27
Type
ECOSYSTEM
Events
Introduced
6.19.0
Fixed
7.0.4

Database specific

source
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2026-46051.json"