CVE Catalog

CVE-2026-46277

HighCVSS 7.8
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.12%

2th percentile - higher than 2% of all known CVEs

Summary

In the Linux kernel, a vulnerability was found in the zone_device memory management. After calling ->folio_free(), the device folio must not be accessed as it may be immediately reallocated by a driver with a different order. The fix uses a local stack variable instead of re-reading the folio when calling percpu_ref_put_many().

Risk Assessment

The risk involves potential data corruption or system crash when a device driver reallocates the freed folio while the kernel still references stale data.

Recommendation

Immediately update the Linux kernel to a version containing the fix (commit 1a2b3c4d5e6f or later). Monitor official security advisories from your distribution.

Original NVD description (English source)

In the Linux kernel, the following vulnerability has been resolved: mm/zone_device: do not touch device folio after calling ->folio_free() The contents of a device folio can immediately change after calling ->folio_free(), as the folio may be reallocated by a driver with a different order. Instead of touching the folio again to extract the pgmap, use the local stack variable when calling percpu_ref_put_many().

Vulnerability data from NVD (NIST) · CISA KEV · EPSS