Vulnerability Details CVE-2026-46042
In the Linux kernel, the following vulnerability has been resolved:
mm/mempolicy: fix memory leaks in weighted_interleave_auto_store()
weighted_interleave_auto_store() fetches old_wi_state inside the if
(!input) block only. This causes two memory leaks:
1. When a user writes "false" and the current mode is already manual,
the function returns early without freeing the freshly allocated
new_wi_state.
2. When a user writes "true", old_wi_state stays NULL because the
fetch is skipped entirely. The old state is then overwritten by
rcu_assign_pointer() but never freed, since the cleanup path is
gated on old_wi_state being non-NULL. A user can trigger this
repeatedly by writing "1" in a loop.
Fix both leaks by moving the old_wi_state fetch before the input check,
making it unconditional. This also allows a unified early return for both
"true" and "false" when the requested mode matches the current mode.
Reviewed by: Donet Tom <donettom@linux.ibm.com>
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 7.0%
CVSS Severity
CVSS v3 Score 5.5
References
Products affected by CVE-2026-46042
-
cpe:2.3:o:linux:linux_kernel:6.16
-
cpe:2.3:o:linux:linux_kernel:6.16.1
-
cpe:2.3:o:linux:linux_kernel:6.16.10
-
cpe:2.3:o:linux:linux_kernel:6.16.11
-
cpe:2.3:o:linux:linux_kernel:6.16.12
-
cpe:2.3:o:linux:linux_kernel:6.16.2
-
cpe:2.3:o:linux:linux_kernel:6.16.3
-
cpe:2.3:o:linux:linux_kernel:6.16.4
-
cpe:2.3:o:linux:linux_kernel:6.16.5
-
cpe:2.3:o:linux:linux_kernel:6.16.6
-
cpe:2.3:o:linux:linux_kernel:6.16.7
-
cpe:2.3:o:linux:linux_kernel:6.16.8
-
cpe:2.3:o:linux:linux_kernel:6.16.9
-
cpe:2.3:o:linux:linux_kernel:6.17
-
cpe:2.3:o:linux:linux_kernel:6.17.1
-
cpe:2.3:o:linux:linux_kernel:6.17.10
-
cpe:2.3:o:linux:linux_kernel:6.17.11
-
cpe:2.3:o:linux:linux_kernel:6.17.12
-
cpe:2.3:o:linux:linux_kernel:6.17.13
-
cpe:2.3:o:linux:linux_kernel:6.17.2
-
cpe:2.3:o:linux:linux_kernel:6.17.3
-
cpe:2.3:o:linux:linux_kernel:6.17.4
-
cpe:2.3:o:linux:linux_kernel:6.17.5
-
cpe:2.3:o:linux:linux_kernel:6.17.6
-
cpe:2.3:o:linux:linux_kernel:6.17.7
-
cpe:2.3:o:linux:linux_kernel:6.17.8
-
cpe:2.3:o:linux:linux_kernel:6.17.9
-
cpe:2.3:o:linux:linux_kernel:6.18
-
cpe:2.3:o:linux:linux_kernel:6.18.1
-
cpe:2.3:o:linux:linux_kernel:6.18.10
-
cpe:2.3:o:linux:linux_kernel:6.18.11
-
cpe:2.3:o:linux:linux_kernel:6.18.13
-
cpe:2.3:o:linux:linux_kernel:6.18.14
-
cpe:2.3:o:linux:linux_kernel:6.18.16
-
cpe:2.3:o:linux:linux_kernel:6.18.17
-
cpe:2.3:o:linux:linux_kernel:6.18.18
-
cpe:2.3:o:linux:linux_kernel:6.18.19
-
cpe:2.3:o:linux:linux_kernel:6.18.2
-
cpe:2.3:o:linux:linux_kernel:6.18.20
-
cpe:2.3:o:linux:linux_kernel:6.18.21
-
cpe:2.3:o:linux:linux_kernel:6.18.22
-
cpe:2.3:o:linux:linux_kernel:6.18.23
-
cpe:2.3:o:linux:linux_kernel:6.18.24
-
cpe:2.3:o:linux:linux_kernel:6.18.25
-
cpe:2.3:o:linux:linux_kernel:6.18.26
-
cpe:2.3:o:linux:linux_kernel:6.18.3
-
cpe:2.3:o:linux:linux_kernel:6.18.4
-
cpe:2.3:o:linux:linux_kernel:6.18.5
-
cpe:2.3:o:linux:linux_kernel:6.18.6
-
cpe:2.3:o:linux:linux_kernel:6.18.7
-
cpe:2.3:o:linux:linux_kernel:6.18.8
-
cpe:2.3:o:linux:linux_kernel:6.18.9
-
cpe:2.3:o:linux:linux_kernel:6.19
-
cpe:2.3:o:linux:linux_kernel:6.19.1
-
cpe:2.3:o:linux:linux_kernel:6.19.10
-
cpe:2.3:o:linux:linux_kernel:6.19.11
-
cpe:2.3:o:linux:linux_kernel:6.19.12
-
cpe:2.3:o:linux:linux_kernel:6.19.13
-
cpe:2.3:o:linux:linux_kernel:6.19.14
-
cpe:2.3:o:linux:linux_kernel:6.19.3
-
cpe:2.3:o:linux:linux_kernel:6.19.4
-
cpe:2.3:o:linux:linux_kernel:6.19.6
-
cpe:2.3:o:linux:linux_kernel:6.19.7
-
cpe:2.3:o:linux:linux_kernel:6.19.8
-
cpe:2.3:o:linux:linux_kernel:6.19.9
-
cpe:2.3:o:linux:linux_kernel:7.0
-
cpe:2.3:o:linux:linux_kernel:7.0.1
-
cpe:2.3:o:linux:linux_kernel:7.0.2
-
cpe:2.3:o:linux:linux_kernel:7.0.3