mptcp: fix scheduling with atomic in timestamp sockopt
Summary
| CVE | CVE-2026-46168 |
|---|---|
| State | PUBLISHED |
| Assigner | Linux |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2026-05-28 10:16:32 UTC |
| Updated | 2026-06-01 17:17:30 UTC |
| Description | In the Linux kernel, the following vulnerability has been resolved: mptcp: fix scheduling with atomic in timestamp sockopt Using lock_sock_fast() (atomic context) around sock_set_timestamp() and sock_set_timestamping() is unsafe, as both helpers can sleep. Replace lock_sock_fast() with sleepable lock_sock()/release_sock() to avoid scheduling while atomic panic. |
Risk And Classification
EPSS: 0.000180000 probability, percentile 0.050770000 (date 2026-06-01)
Vendor Declared Affected Products
| Source | Vendor | Product | Version | Platforms |
|---|---|---|---|---|
| CNA | Linux | Linux | affected 9061f24bf82ec2e92dd1e7c10b98b680db023d31 0949d8bbbedbafe0136a1723c41eb823c2f1e09d git | Not specified |
| CNA | Linux | Linux | affected 9061f24bf82ec2e92dd1e7c10b98b680db023d31 e792cfb6aeaf65612cdf8e3ac431d65e66283654 git | Not specified |
| CNA | Linux | Linux | affected 9061f24bf82ec2e92dd1e7c10b98b680db023d31 ebeb70e29e37cfce899309cc2665a3bfe960ed94 git | Not specified |
| CNA | Linux | Linux | affected 9061f24bf82ec2e92dd1e7c10b98b680db023d31 b157dab93a7af44a84e78cf0cb311dde475cff5b git | Not specified |
| CNA | Linux | Linux | affected 9061f24bf82ec2e92dd1e7c10b98b680db023d31 8a005fe451c73fd2b3d1faa5643c11e6bd07acfc git | Not specified |
| CNA | Linux | Linux | affected 9061f24bf82ec2e92dd1e7c10b98b680db023d31 7eb513b42721bee4b96da69f6188d5a7783f210d git | Not specified |
| CNA | Linux | Linux | affected 9061f24bf82ec2e92dd1e7c10b98b680db023d31 b5c52908d52c6c8eb8933264aa6087a0600fd892 git | Not specified |
| CNA | Linux | Linux | affected 5.14 | Not specified |
| CNA | Linux | Linux | unaffected 5.14 semver | Not specified |
| CNA | Linux | Linux | unaffected 5.15.209 5.15.* semver | Not specified |
| CNA | Linux | Linux | unaffected 6.1.175 6.1.* semver | Not specified |
| CNA | Linux | Linux | unaffected 6.6.140 6.6.* semver | Not specified |
| CNA | Linux | Linux | unaffected 6.12.88 6.12.* semver | Not specified |
| CNA | Linux | Linux | unaffected 6.18.30 6.18.* semver | Not specified |
| CNA | Linux | Linux | unaffected 7.0.7 7.0.* semver | Not specified |
| CNA | Linux | Linux | unaffected 7.1-rc2 * original_commit_for_fix | Not specified |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| git.kernel.org/stable/c/b157dab93a7af44a84e78cf0cb311dde475cff5b | 416baaa9-dc9f-4396-8d5f-8c081fb06d67 | git.kernel.org | |
| git.kernel.org/stable/c/b5c52908d52c6c8eb8933264aa6087a0600fd892 | 416baaa9-dc9f-4396-8d5f-8c081fb06d67 | git.kernel.org | |
| git.kernel.org/stable/c/0949d8bbbedbafe0136a1723c41eb823c2f1e09d | 416baaa9-dc9f-4396-8d5f-8c081fb06d67 | git.kernel.org | |
| git.kernel.org/stable/c/8a005fe451c73fd2b3d1faa5643c11e6bd07acfc | 416baaa9-dc9f-4396-8d5f-8c081fb06d67 | git.kernel.org | |
| git.kernel.org/stable/c/e792cfb6aeaf65612cdf8e3ac431d65e66283654 | 416baaa9-dc9f-4396-8d5f-8c081fb06d67 | git.kernel.org | |
| git.kernel.org/stable/c/ebeb70e29e37cfce899309cc2665a3bfe960ed94 | 416baaa9-dc9f-4396-8d5f-8c081fb06d67 | git.kernel.org | |
| git.kernel.org/stable/c/7eb513b42721bee4b96da69f6188d5a7783f210d | 416baaa9-dc9f-4396-8d5f-8c081fb06d67 | git.kernel.org | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.