Home

Description

In the Linux kernel, the following vulnerability has been resolved: procfs: fix missing RCU protection when reading real_parent in do_task_stat() When reading /proc/[pid]/stat, do_task_stat() accesses task->real_parent without proper RCU protection, which leads to: cpu 0 cpu 1 ----- ----- do_task_stat var = task->real_parent release_task call_rcu(delayed_put_task_struct) task_tgid_nr_ns(var) rcu_read_lock <--- Too late to protect task->real_parent! task_pid_ptr <--- UAF! rcu_read_unlock This patch uses task_ppid_nr_ns() instead of task_tgid_nr_ns() to add proper RCU protection for accessing task->real_parent.

PUBLISHED Reserved 2026-05-13 | Published 2026-06-03 | Updated 2026-06-05 | Assigner Linux




HIGH: 7.8CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Product status

Default status
unaffected

06fffb1267c9d986687b69d74a46ee332a50575e (git) before fefa0fcd78be465b7ad4c497fa6ec90d64194c04
affected

06fffb1267c9d986687b69d74a46ee332a50575e (git) before c93a33f28f915d446eea6fb3f0e1def0b3af1982
affected

06fffb1267c9d986687b69d74a46ee332a50575e (git) before 1c8dc5b5517546c68ffae40b948336122bb61306
affected

06fffb1267c9d986687b69d74a46ee332a50575e (git) before 0e64bd46a04a4fd61279aca9f53a664e9e5f7e7e
affected

06fffb1267c9d986687b69d74a46ee332a50575e (git) before 73ec7c96601d61d52310c659145bb06d933a0fa6
affected

06fffb1267c9d986687b69d74a46ee332a50575e (git) before 4f9ae386861e280b7631ca252f798d25575627ee
affected

06fffb1267c9d986687b69d74a46ee332a50575e (git) before dd8b13cb4ff1a4545a214ed897fdf2bc341155b6
affected

06fffb1267c9d986687b69d74a46ee332a50575e (git) before 76149d53502cf17ef3ae454ff384551236fba867
affected

Default status
affected

2.6.26
affected

Any version before 2.6.26
unaffected

5.10.252 (semver)
unaffected

5.15.202 (semver)
unaffected

6.1.165 (semver)
unaffected

6.6.128 (semver)
unaffected

6.12.75 (semver)
unaffected

6.18.14 (semver)
unaffected

6.19.4 (semver)
unaffected

7.0 (original_commit_for_fix)
unaffected

References

git.kernel.org/...c/fefa0fcd78be465b7ad4c497fa6ec90d64194c04

git.kernel.org/...c/c93a33f28f915d446eea6fb3f0e1def0b3af1982

git.kernel.org/...c/1c8dc5b5517546c68ffae40b948336122bb61306

git.kernel.org/...c/0e64bd46a04a4fd61279aca9f53a664e9e5f7e7e

git.kernel.org/...c/73ec7c96601d61d52310c659145bb06d933a0fa6

git.kernel.org/...c/4f9ae386861e280b7631ca252f798d25575627ee

git.kernel.org/...c/dd8b13cb4ff1a4545a214ed897fdf2bc341155b6

git.kernel.org/...c/76149d53502cf17ef3ae454ff384551236fba867

cve.org (CVE-2026-46259)

nvd.nist.gov (CVE-2026-46259)

Download JSON