{"api_version":"1","generated_at":"2026-06-19T17:47:28+00:00","cve":"CVE-2026-46302","urls":{"html":"https://cve.report/CVE-2026-46302","api":"https://cve.report/api/cve/CVE-2026-46302.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2026-46302","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2026-46302"},"summary":{"title":"selinux: allow multiple opens of /sys/fs/selinux/policy","description":"In the Linux kernel, the following vulnerability has been resolved:\n\nselinux: allow multiple opens of /sys/fs/selinux/policy\n\nCurrently there can only be a single open of /sys/fs/selinux/policy at\nany time. This allows any process to block any other process from\nreading the kernel policy. The original motivation seems to have been\na mix of preventing an inconsistent view of the policy size and\npreventing userspace from allocating kernel memory without bound, but\nthis is arguably equally bad. Eliminate the policy_opened flag and\nshrink the critical section that the policy mutex is held. While we\nare making changes here, drop a couple of extraneous BUG_ONs.","state":"PUBLISHED","assigner":"Linux","published_at":"2026-06-08 17:16:48","updated_at":"2026-06-08 17:16:48"},"problem_types":[],"metrics":[],"references":[{"url":"https://git.kernel.org/stable/c/714362f3779dfa453a78ced32396a72726962a41","name":"https://git.kernel.org/stable/c/714362f3779dfa453a78ced32396a72726962a41","refsource":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://git.kernel.org/stable/c/a02cd6805562305f936e807da83e253b719dd965","name":"https://git.kernel.org/stable/c/a02cd6805562305f936e807da83e253b719dd965","refsource":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://www.cve.org/CVERecord?id=CVE-2026-46302","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-46302","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[{"source":"CNA","vendor":"Linux","product":"Linux","version":"affected 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 714362f3779dfa453a78ced32396a72726962a41 git","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"affected 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 a02cd6805562305f936e807da83e253b719dd965 git","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"affected 7.0.7 semver","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"unaffected 7.0.7 7.0.* semver","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"unaffected 7.1-rc3 * original_commit_for_fix","platforms":[]}],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[],"vendor_comments":[],"enrichments":{"kev":null,"epss":{"cve_year":"2026","cve_id":"46302","cve":"CVE-2026-46302","epss":"0.000240000","percentile":"0.072250000","score_date":"2026-06-14","updated_at":"2026-06-15 00:14:09"},"legacy_qids":[]},"source_records":{"cve_program":{"containers":{"cna":{"affected":[{"defaultStatus":"unaffected","product":"Linux","programFiles":["security/selinux/selinuxfs.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","vendor":"Linux","versions":[{"lessThan":"714362f3779dfa453a78ced32396a72726962a41","status":"affected","version":"1da177e4c3f41524e886b7f1b8a0c1fc7321cac2","versionType":"git"},{"lessThan":"a02cd6805562305f936e807da83e253b719dd965","status":"affected","version":"1da177e4c3f41524e886b7f1b8a0c1fc7321cac2","versionType":"git"},{"lessThan":"7.0.7","status":"affected","version":"0","versionType":"semver"}]},{"defaultStatus":"affected","product":"Linux","programFiles":["security/selinux/selinuxfs.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","vendor":"Linux","versions":[{"lessThanOrEqual":"7.0.*","status":"unaffected","version":"7.0.7","versionType":"semver"},{"lessThanOrEqual":"*","status":"unaffected","version":"7.1-rc3","versionType":"original_commit_for_fix"}]}],"cpeApplicability":[{"nodes":[{"cpeMatch":[{"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionEndExcluding":"7.0.7","vulnerable":true},{"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionEndExcluding":"7.1-rc3","vulnerable":true}],"negate":false,"operator":"OR"}]}],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nselinux: allow multiple opens of /sys/fs/selinux/policy\n\nCurrently there can only be a single open of /sys/fs/selinux/policy at\nany time. This allows any process to block any other process from\nreading the kernel policy. The original motivation seems to have been\na mix of preventing an inconsistent view of the policy size and\npreventing userspace from allocating kernel memory without bound, but\nthis is arguably equally bad. Eliminate the policy_opened flag and\nshrink the critical section that the policy mutex is held. While we\nare making changes here, drop a couple of extraneous BUG_ONs."}],"providerMetadata":{"dateUpdated":"2026-06-08T15:46:29.545Z","orgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","shortName":"Linux"},"references":[{"url":"https://git.kernel.org/stable/c/714362f3779dfa453a78ced32396a72726962a41"},{"url":"https://git.kernel.org/stable/c/a02cd6805562305f936e807da83e253b719dd965"}],"title":"selinux: allow multiple opens of /sys/fs/selinux/policy","x_generator":{"engine":"bippy-1.2.0"}}},"cveMetadata":{"assignerOrgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","assignerShortName":"Linux","cveId":"CVE-2026-46302","datePublished":"2026-06-08T15:46:29.545Z","dateReserved":"2026-05-13T15:03:33.111Z","dateUpdated":"2026-06-08T15:46:29.545Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.2"},"nvd":{"publishedDate":"2026-06-08 17:16:48","lastModifiedDate":"2026-06-08 17:16:48","problem_types":[],"metrics":[],"configurations":[]},"legacy_mitre":{"record":{"CveYear":"2026","CveId":"46302","Ordinal":"1","Title":"selinux: allow multiple opens of /sys/fs/selinux/policy","CVE":"CVE-2026-46302","Year":"2026"},"notes":[{"CveYear":"2026","CveId":"46302","Ordinal":"1","NoteData":"In the Linux kernel, the following vulnerability has been resolved:\n\nselinux: allow multiple opens of /sys/fs/selinux/policy\n\nCurrently there can only be a single open of /sys/fs/selinux/policy at\nany time. This allows any process to block any other process from\nreading the kernel policy. The original motivation seems to have been\na mix of preventing an inconsistent view of the policy size and\npreventing userspace from allocating kernel memory without bound, but\nthis is arguably equally bad. Eliminate the policy_opened flag and\nshrink the critical section that the policy mutex is held. While we\nare making changes here, drop a couple of extraneous BUG_ONs.","Type":"Description","Title":"selinux: allow multiple opens of /sys/fs/selinux/policy"}]}}}