{“lastseen”:””,”description”:”In the Linux kernel, the following vulnerability has been resolved:\\n\\nnet\/sched: fix pedit partial COW leading to page cache corruption\\n\\ntcf_pedit_act() computes the COW range for skb_ensure_writable()\\nonce before the key loop using tcfp_off_max_hint, but the hint does\\nnot account for the runtime header offset added by typed keys. This\\ncan leave part of the write region un-COW’d.\\n\\nFix by moving skb_ensure_writable() inside the per-key loop where\\nthe actual write offset is known, and add overflow checking on the\\noffset arithmetic. For negative offsets (e.g. Ethernet header edits\\nat ingress), use skb_cow() to COW the headroom instead. Guard\\noffset_valid() against INT_MIN, where negation is undefined.”,”published”:”2026-06-16T06:26:21.066Z”,”modified”:”2026-06-28T06:36:22.892Z”,”type”:”cve”,”title”:”net\/sched: fix pedit partial COW leading to page cache corruption”,”source”:”Linux”,”references”:”https:\/\/git.kernel.org\/stable\/c\/2bec122b9fb91507a758ab5e3e5c4fbe7cb3f61b\\nhttps:\/\/git.kernel.org\/stable\/c\/b198ed4e52580a7238c7c7082f03906f8b310313\\nhttps:\/\/git.kernel.org\/stable\/c\/3dee9d0c198faeb95d052c1b94c2958751a28512\\nhttps:\/\/git.kernel.org\/stable\/c\/899ee91156e57784090c5565e4f31bd7dbffbc5a”,”id”:”CVE-2026-46331″,”bulletinFamily”:””,”cwe”:null,”cvelist”:null,”sourceData”:”Linux Linux 8b796475fd7882663a870456466a4fb315cc1bd6\\nLinux Linux 8b796475fd7882663a870456466a4fb315cc1bd6\\nLinux Linux 8b796475fd7882663a870456466a4fb315cc1bd6\\nLinux Linux 8b796475fd7882663a870456466a4fb315cc1bd6\\nLinux Linux d0c38a914b0c4c21d553da801003d36979016726\\nLinux Linux 2ec2dd7d51a9320151f275ddbb2b53260fb32ca1\\nLinux Linux abe35bf3be51482593076d516a680d79e5fbc8e1\\nLinux Linux b773640d5bb9e2acfd91e2695717af04d47aa116\\nLinux Linux c19cc520b3d69904e9518d401ad0df7f4702aca0\\nLinux Linux 4.19.244\\nLinux Linux 5.4.195\\nLinux Linux 5.10.117\\nLinux Linux 5.15.41\\nLinux Linux 5.17.9\\nLinux Linux 5.18″,”sourceHref”:””,”cvss”:{“score”:7.8,”severity”:”HIGH”,”vector”:”CVSS:3.1\/AV:L\/AC:L\/PR:L\/UI:N\/S:U\/C:H\/I:H\/A:H”,”version”:”3.1″},”cvss2″:{},”cvss3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””,”cvssV3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””}},”href”:””,”category_name”:”CVE”,”post_link”:””,”product”:”Linux”,”version”:”8b796475fd7882663a870456466a4fb315cc1bd6″,”vendor”:”Linux”,”ai_description”:””,”ai_severity”:””,”ai_vendor”:””,”ai_product”:””,”ai_version”:””,”ai_score”:0}<\/p>\n","protected":false},"excerpt":{"rendered":"
{“lastseen”:””,”description”:”In the Linux kernel, the following vulnerability has been resolved:\\n\\nnet\/sched: fix pedit partial COW leading to page cache corruption\\n\\ntcf_pedit_act() computes the COW range for skb_ensure_writable()\\nonce…<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[2],"tags":[6,8,28,12,15,13,7,11,5],"class_list":["post-66645","post","type-post","status-publish","format-standard","hentry","category-category_cve","tag-cve","tag-cvss","tag-cvss-78","tag-exploit","tag-high","tag-news","tag-security","tag-tapic","tag-vulnerability"],"yoast_head":"\n