CVE-2026-46042

Published: Mag 27, 2026 Last Modified: Mag 27, 2026

ExploitDB:

Other exploit source:

Google Dorks:

Description

AI Translation Available

In the Linux kernel, the following vulnerability has been resolved:

mm/mempolicy: fix memory leaks in weighted_interleave_auto_store()

weighted_interleave_auto_store() fetches old_wi_state inside the if
(!input) block only. This causes two memory leaks:

1. When a user writes 'false' and the current mode is already manual,
the function returns early without freeing the freshly allocated
new_wi_state.

2. When a user writes 'true', old_wi_state stays NULL because the
fetch is skipped entirely. The old state is then overwritten by
rcu_assign_pointer() but never freed, since the cleanup path is
gated on old_wi_state being non-NULL. A user can trigger this
repeatedly by writing '1' in a loop.

Fix both leaks by moving the old_wi_state fetch before the input check,
making it unconditional. This also allows a unified early return for both
'true' and 'false' when the requested mode matches the current mode.

Reviewed by: Donet Tom <[email protected]>

https://git.kernel.org/stable/c/39caa9ca863f96b3d00447c5aa2…

https://git.kernel.org/stable/c/39caa9ca863f96b3d00447c5aa200cabda489856

https://git.kernel.org/stable/c/6fae274ce0e3109cbbc4c18b354…

https://git.kernel.org/stable/c/6fae274ce0e3109cbbc4c18b354eaace1f0af7d7

https://git.kernel.org/stable/c/c42a7efb9060d89b72708ffaf25…

https://git.kernel.org/stable/c/c42a7efb9060d89b72708ffaf255d0002c2164a7

CVE-2026-46042

Description

Iscriviti alla newsletter