Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2026-46302

Summary
Assigner-Linux
Assigner Org ID-416baaa9-dc9f-4396-8d5f-8c081fb06d67
Published At-08 Jun, 2026 | 15:46
Updated At-08 Jun, 2026 | 15:46
Rejected At-
Credits

selinux: allow multiple opens of /sys/fs/selinux/policy

In the Linux kernel, the following vulnerability has been resolved: selinux: allow multiple opens of /sys/fs/selinux/policy Currently there can only be a single open of /sys/fs/selinux/policy at any time. This allows any process to block any other process from reading the kernel policy. The original motivation seems to have been a mix of preventing an inconsistent view of the policy size and preventing userspace from allocating kernel memory without bound, but this is arguably equally bad. Eliminate the policy_opened flag and shrink the critical section that the policy mutex is held. While we are making changes here, drop a couple of extraneous BUG_ONs.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:Linux
Assigner Org ID:416baaa9-dc9f-4396-8d5f-8c081fb06d67
Published At:08 Jun, 2026 | 15:46
Updated At:08 Jun, 2026 | 15:46
Rejected At:
▼CVE Numbering Authority (CNA)
selinux: allow multiple opens of /sys/fs/selinux/policy

In the Linux kernel, the following vulnerability has been resolved: selinux: allow multiple opens of /sys/fs/selinux/policy Currently there can only be a single open of /sys/fs/selinux/policy at any time. This allows any process to block any other process from reading the kernel policy. The original motivation seems to have been a mix of preventing an inconsistent view of the policy size and preventing userspace from allocating kernel memory without bound, but this is arguably equally bad. Eliminate the policy_opened flag and shrink the critical section that the policy mutex is held. While we are making changes here, drop a couple of extraneous BUG_ONs.

Affected Products
Vendor
Linux Kernel Organization, IncLinux
Product
Linux
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Program Files
  • security/selinux/selinuxfs.c
Default Status
unaffected
Versions
Affected
  • From 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 before 714362f3779dfa453a78ced32396a72726962a41 (git)
  • From 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 before a02cd6805562305f936e807da83e253b719dd965 (git)
  • From 0 before 7.0.7 (semver)
Vendor
Linux Kernel Organization, IncLinux
Product
Linux
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Program Files
  • security/selinux/selinuxfs.c
Default Status
affected
Versions
Unaffected
  • From 7.0.7 through 7.0.* (semver)
  • From 7.1-rc3 through * (original_commit_for_fix)
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://git.kernel.org/stable/c/714362f3779dfa453a78ced32396a72726962a41
N/A
https://git.kernel.org/stable/c/a02cd6805562305f936e807da83e253b719dd965
N/A
Hyperlink: https://git.kernel.org/stable/c/714362f3779dfa453a78ced32396a72726962a41
Resource: N/A
Hyperlink: https://git.kernel.org/stable/c/a02cd6805562305f936e807da83e253b719dd965
Resource: N/A
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:416baaa9-dc9f-4396-8d5f-8c081fb06d67
Published At:08 Jun, 2026 | 17:16
Updated At:08 Jun, 2026 | 17:16

In the Linux kernel, the following vulnerability has been resolved: selinux: allow multiple opens of /sys/fs/selinux/policy Currently there can only be a single open of /sys/fs/selinux/policy at any time. This allows any process to block any other process from reading the kernel policy. The original motivation seems to have been a mix of preventing an inconsistent view of the policy size and preventing userspace from allocating kernel memory without bound, but this is arguably equally bad. Eliminate the policy_opened flag and shrink the critical section that the policy mutex is held. While we are making changes here, drop a couple of extraneous BUG_ONs.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
CPE Matches
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://git.kernel.org/stable/c/714362f3779dfa453a78ced32396a72726962a41416baaa9-dc9f-4396-8d5f-8c081fb06d67
N/A
https://git.kernel.org/stable/c/a02cd6805562305f936e807da83e253b719dd965416baaa9-dc9f-4396-8d5f-8c081fb06d67
N/A
Hyperlink: https://git.kernel.org/stable/c/714362f3779dfa453a78ced32396a72726962a41
Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
Resource: N/A
Hyperlink: https://git.kernel.org/stable/c/a02cd6805562305f936e807da83e253b719dd965
Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

0Records found
Details not found