Description

In the Linux kernel, the following vulnerability has been resolved:

selinux: allow multiple opens of /sys/fs/selinux/policy

Currently there can only be a single open of /sys/fs/selinux/policy at any time. This allows any process to block any other process from reading the kernel policy. The original motivation seems to have been a mix of preventing an inconsistent view of the policy size and preventing userspace from allocating kernel memory without bound, but this is arguably equally bad.

Eliminate the policy_opened flag and shrink the critical section that the policy mutex is held. While we are making changes here, drop a couple of extraneous BUG_ONs.

PUBLISHED Reserved 2026-05-13 | Published 2026-06-08 | Updated 2026-06-09 | Assigner Linux

Product status

Default status: unaffected

cee74f47a6baba0ac457e87687fdcf0abd599f0a (git) before 714362f3779dfa453a78ced32396a72726962a41: affected
cee74f47a6baba0ac457e87687fdcf0abd599f0a (git) before a02cd6805562305f936e807da83e253b719dd965: affected

Default status: affected

2.6.37: affected
Any version before 2.6.37: unaffected
7.0.7 (semver): unaffected
7.1-rc3 (original_commit_for_fix): unaffected

References

git.kernel.org/...c/714362f3779dfa453a78ced32396a72726962a41

git.kernel.org/...c/a02cd6805562305f936e807da83e253b719dd965

cve.org (CVE-2026-46302)

nvd.nist.gov (CVE-2026-46302)
