inotify: fix watch count leak when fsnotify_add_inode_mark_locked() fails

...

SUSE CVE-2026-46040

In the Linux kernel, the following vulnerability has been resolved: inotify: fix watch count leak when fsnotifyaddinodemarklocked fails When fsnotifyaddinodemarklocked fails in inotifynewwatch, the error path calls inotifyremovefromidr but does not call decinotifywatches to undo the preceding...

CVE-2026-46040

A flaw was found in the Linux kernel's inotify subsystem. When the fsnotifyaddinodemarklocked function fails during the creation of a new watch, the system does not properly decrement the watch count. This oversight can lead to a watch count leak, where repeated failures exhaust the maximum user...

CVE-2026-46040

In the Linux kernel, the following vulnerability has been resolved: inotify: fix watch count leak when fsnotifyaddinodemarklocked fails When fsnotifyaddinodemarklocked fails in inotifynewwatch, the error path calls inotifyremovefromidr but does not call decinotifywatches to undo the preceding...

UBUNTU-CVE-2026-46040

In the Linux kernel, the following vulnerability has been resolved: inotify: fix watch count leak when fsnotifyaddinodemarklocked fails When fsnotifyaddinodemarklocked fails in inotifynewwatch, the error path calls inotifyremovefromidr but does not call decinotifywatches to undo the preceding...

CVE-2026-46040

In the Linux kernel, the following vulnerability has been resolved: inotify: fix watch count leak when fsnotifyaddinodemarklocked fails When fsnotifyaddinodemarklocked fails in inotifynewwatch, the error path calls inotifyremovefromidr but does not call decinotifywatches to undo the preceding...

EUVD-2026-32421

In the Linux kernel, the following vulnerability has been resolved: inotify: fix watch count leak when fsnotifyaddinodemarklocked fails When fsnotifyaddinodemarklocked fails in inotifynewwatch, the error path calls inotifyremovefromidr but does not call decinotifywatches to undo the preceding...

CVE-2026-46040

CVE-2026-46040: In the Linux kernel inotify path, when fsnotify_add_inode_mark_locked() fails during inotify_new_watch(), the error path did not call dec_inotify_watches(), leaking a watch count and potentially exhausting max_user_watches (-ENOSPC) even with no active watches. The fix introduces ...

CVE-2026-46040 inotify: fix watch count leak when fsnotify_add_inode_mark_locked() fails

In the Linux kernel, the following vulnerability has been resolved: inotify: fix watch count leak when fsnotifyaddinodemarklocked fails When fsnotifyaddinodemarklocked fails in inotifynewwatch, the error path calls inotifyremovefromidr but does not call decinotifywatches to undo the preceding...

CVE-2026-46040

In the Linux kernel, the following vulnerability has been resolved: inotify: fix watch count leak when fsnotifyaddinodemarklocked fails When fsnotifyaddinodemarklocked fails in inotifynewwatch, the error path calls inotifyremovefromidr but does not call decinotifywatches to undo the preceding...

PT-2026-43907

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A watch count leak occurs in the inotify system when the fsnotify add inode mark locked function fails within inotify new watch. In this scenario, the error path executes inotify remove...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the failure of the fsnotifyadd inodemarklocked function in inotifynewwatch, where the monitoring...

CVE-2026-46040

inotify: fix watch count leak when fsnotifyaddinodemarklocked fails...

Linux Distros Unpatched Vulnerability : CVE-2026-46040

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - inotify: fix watch count leak when fsnotifyaddinodemarklocked fails When fsnotifyaddinodemarklocked fails in inotifynewwatch, the error path calls...

systemd security update

252-55.0.3.el97.9 - serialize: don't allocate 1M on the stack just like that LINUX-16166 - Route logs from container mapped uids to the system journal Orabug: 38135007 - Drop delay when nspawn fails to reset loginuid Orabug: 37793135 - Improve logging for api bus connection and subscribers Orabug...

Astra Linux – Vulnerabilities in Linux, Linux-5.15, Linux-5.10

In the Linux kernel, the following vulnerability has been resolved: inotify: Avoid reporting events with an invalid wd value. When inotifyfreeingmark races with inotifyhandle inodeevent, it is possible that inotifyhandle inodeevent sees that imark-wd has already been reset to -1 and reports this...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003821)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003821 advisory. In the Linux kernel through 5.0.2, the function inotifyupdateexistingwatch in fs/notify/inotify/inotifyuser.c neglects to call fsnotifyputmark with INMASKCREATE afte...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001107)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001107 advisory. Race condition in the fsnotify implementation in the Linux kernel through 4.12.4 allows local users to gain privileges or cause a denial of service memory corruption...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-004369)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004369 advisory. In the Linux kernel through 5.0.2, the function inotifyupdateexistingwatch in fs/notify/inotify/inotifyuser.c neglects to call fsnotifyputmark with INMASKCREATE afte...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003451)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003451 advisory. Race condition in the fsnotify implementation in the Linux kernel through 4.12.4 allows local users to gain privileges or cause a denial of service memory corruption...