CVE-2026-23415

In the Linux kernel, the following vulnerability has been resolved: futex: Fix UaF between futexkeytonodeopt and vmareplacepolicy During futexkeytonodeopt execution, vma-vmpolicy is read under speculative mmap lock and RCU. Concurrently, mbind may call vmareplacepolicy which frees the old mempoli...

CVE-2026-23415 futex: Fix UaF between futex_key_to_node_opt() and vma_replace_policy()

In the Linux kernel, the following vulnerability has been resolved: futex: Fix UaF between futexkeytonodeopt and vmareplacepolicy During futexkeytonodeopt execution, vma-vmpolicy is read under speculative mmap lock and RCU. Concurrently, mbind may call vmareplacepolicy which frees the old mempoli...

CVE-2026-23415

The CVE-2026-23415 issue affects the Linux kernel futex subsystem. A race occurs between futex_key_to_node_opt() reading vma->vm_policy under speculative mmap lock/RCU and mbind() calling vma_replace_policy(), which can free the old mempolicy via kmem_cache_free(). This leads to a use-after-fr...

CVE-2022-50391

In the Linux kernel, the following vulnerability has been resolved: mm/mempolicy: fix memory leak in setmempolicyhomenode system call When encountering any vma in the range with policy other than MPOLBIND or MPOLPREFERREDMANY, an error is returned without issuing a mpolput on the policy just...