CVE-2026-46302
Received Received - Intake

SELinux Policy File Multiple Opens in Linux Kernel

Publication date: 2026-06-08

Last updated on: 2026-06-08

Assigner: kernel.org

Description
In the Linux kernel, the following vulnerability has been resolved: selinux: allow multiple opens of /sys/fs/selinux/policy Currently there can only be a single open of /sys/fs/selinux/policy at any time. This allows any process to block any other process from reading the kernel policy. The original motivation seems to have been a mix of preventing an inconsistent view of the policy size and preventing userspace from allocating kernel memory without bound, but this is arguably equally bad. Eliminate the policy_opened flag and shrink the critical section that the policy mutex is held. While we are making changes here, drop a couple of extraneous BUG_ONs.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-06-08
Last Modified
2026-06-08
Generated
2026-06-29
AI Q&A
2026-06-08
EPSS Evaluated
2026-06-27
NVD
CVE-2026-46302
EUVD
EUVD-2026-35167

Affected Vendors & Products

Showing 1 associated CPE
Vendor Product Version / Range
linux linux_kernel *

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-UNKNOWN

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

This vulnerability exists in the Linux kernel's SELinux implementation, specifically related to the handling of the /sys/fs/selinux/policy file. Previously, only one process could open this policy file at a time, which allowed that process to block others from reading the kernel policy. This was originally intended to prevent inconsistent views of the policy size and uncontrolled kernel memory allocation by userspace, but it also created a denial of service condition for other processes.

The fix removes the restriction that only a single open is allowed by eliminating the policy_opened flag and reducing the scope of the policy mutex lock, allowing multiple processes to open the policy file simultaneously without blocking each other.

Impact Analysis

This vulnerability can allow a process to block other processes from reading the SELinux kernel policy by holding the single allowed open on the /sys/fs/selinux/policy file. This could lead to denial of service conditions where legitimate processes are unable to access the policy information they need, potentially disrupting security enforcement or system management tasks.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-46302. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart