CVE-2026-46173 Linux CVE debrief

Who should care

Linux system administrators, kernel maintainers, cloud infrastructure operators, and security teams managing bare-metal or virtualized Linux deployments should prioritize this patch. The vulnerability affects core kernel scheduling and could lead to system instability or privilege escalation scenarios through memory corruption. Organizations running unpatched kernels on production systems, especially those with untrusted workloads or where kernel oops conditions may occur, face elevated risk.

Technical summary

The vulnerability is a race condition in kernel/exit.c where make_task_dead() calls do_task_dead() without disabling preemption. The scheduler's __schedule() function requires preemption to be disabled, but this precondition was violated for oopsing tasks. When preempted in the TASK_DEAD state, the task could be rescheduled, causing finish_task_switch() to drop stack references multiple times. This leads to use-after-free or double-free of the entire task stack, with potential for two tasks to share a stack and cause memory corruption. The fix ensures preemption is disabled before do_task_dead() is called.

Defensive priority

high

Recommended defensive actions

• Apply kernel patches from stable kernel branches (6.1.x, 6.6.x, 6.12.x, 6.14.x, 6.15.x) containing commit references
• Reboot systems after kernel update to ensure patched code is active
• Monitor for unexpected kernel panics or memory corruption indicators in system logs
• Prioritize patching on multi-tenant or high-availability systems where kernel stability is critical

Evidence notes

The CVE description and kernel.org stable commits confirm the vulnerability exists in the Linux kernel's exit path. The fix prevents preemption of oopsing TASK_DEAD tasks by ensuring do_task_dead() is called with preemption disabled. Multiple stable kernel branches received patches on 2026-05-28.

Official resources