CVE-2026-46104 | selinux: use sk blob accessor in socket permission helpers

In the Linux kernel, the following vulnerability has been resolved: selinux: use sk blob accessor in socket permission helpers SELinux socket state lives in the composite LSM socket blob. sock_has_perm() and nlmsg_sock_has_extended_perms() currently dereference sk->sk_security directly, which assumes the SELinux socket blob is at offset zero. In stacked configurations that assumption does not hold. If another LSM allocates socket blob storage before SELinux, these helpers may read the wrong blob and feed invalid SID and class values into AVC checks. Use selinux_sock() instead of accessing sk->sk_security directly.

Published: 2026-05-28 Last update: 2026-05-28 Assigner: 416baaa9-dc9f-4396-8d5f-8c081fb06d67 Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

NVD Status：Awaiting Analysis，CVE State: published

View at NVD, CVE.org, EUVD

Conclusion & alert: CVE-2026-46104 is rated Low Risk (4.3/100): low exploitation likelihood (EPSS 0.02%). Mandatory action: Low composite risk—no urgent action required; patch on your normal maintenance cycle and revisit priority if CVSS or EPSS increases.

Risk is dynamic; we continuously reassess and refresh what is shown on this page as upstream context changes.

Exploit prediction scoring system (EPSS) score for CVE-2026-46104

EPSS lead: Daily EPSS estimates relative likelihood of exploitation; percentile ranks this CVE among scored vulnerabilities (higher = more severe relative rank).

#	Date	Old EPSS score	New EPSS score	Delta (New - Old)
1	2026-05-28	—	0.02%	—

Full EPSS history (1 record total)

Common vulnerability scoring system (CVSS) metrics for CVE-2026-46104

CVSS metrics for this CVE.

No CVSS data in dataset for this CVE.

Weakness enumeration for CVE-2026-46104

GitHub Security Advisory for CVE-2026-46104

GHSA-h7hm-vjhc-hcgc · Severity: unknown — In the Linux kernel, the following vulnerability has been resolved: selinux: use sk blob...

OS Trackers for CVE-2026-46104

vendor	priority	summary	link
`debian`	unimportant	CVE-2026-46104 unimportant priority: Debian including 1 source packages (linux), 5 status rows across 5 suites (bookworm, bullseye, forky, sid, trixie): resolved 5.	https://security-tracker.debian.org/tracker/CVE-2026-46104
`redhat`	medium	—	https://access.redhat.com/security/cve/CVE-2026-46104
`suse`	medium	CVE-2026-46104 severity moderate: SUSE including 7 source package names (kernel-default, kernel-default-base, …), 21 product×package rows across 6 product lines (SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE, SUSE Linux Enterprise Server 16.0, … (6 product lines)): Known Not Affected 21.	https://www.suse.com/security/cve/CVE-2026-46104/

Affected software / configurations for CVE-2026-46104

Vendor	Product	Version	Raw CPE
No affected products in dataset.

References for CVE-2026-46104

URL	Tags
https://git.kernel.org/stable/c/032e70aff025d7c519af9ab791cd084380619263
https://git.kernel.org/stable/c/7eca71f57f194c1638ebb7f4097d6be8fd04c101
https://git.kernel.org/stable/c/d350fef4bc2467fe1bce15f7a20fe60e01ce41ad

cvelogic Threat Intelligence