GHSA-qcxh-2cm7-9fcc · Severity: critical — In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: vgic-its: Drop...
In the Linux kernel, the following vulnerability has been resolved:

KVM: arm64: vgic-its: Drop the translation cache reference only for the erased entry

vgic_its_invalidate_cache() walks the per-ITS translation cache with xa_for_each() and drops the cache's reference on each entry with vgic_put_irq(). It puts the iterated pointer, though, rather than the value returned by xa_erase().

The function is called from contexts that do not exclude one another: the ITS command handlers hold its_lock, the GITS_CTLR write path holds cmd_lock, and the path that clears EnableLPIs in a redistributor's GICR_CTLR holds neither. Two or more of them can drain the same cache concurrently, and if each one observes the same entry, erases it and then puts it, the single reference the cache holds on that entry is dropped more than once. The entry can then be freed while an ITE still maps it.

xa_erase() is atomic and returns the previous entry, so put only the entry that this context actually removed. The cache reference is then dropped exactly once per entry even when the invalidations run concurrently, and the behavior is unchanged when only one context runs.
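The double put described above, replayed as a deterministic single-threaded model. This is an added example, not the kernel's code or the patch: `struct irq`, `slot`, `cache_erase`, `put_irq` and `replay` are hypothetical names, and the second reference standing in for the ITE is an assumption of the model.

```c
#include <stdio.h>
#include <stddef.h>

/* Hypothetical userspace model of the refcount logic; not kernel code. */
struct irq { int refcount; int freed; };
static struct irq *slot;            /* one translation-cache slot */

/* Models xa_erase(): remove the entry and return what was there before. */
static struct irq *cache_erase(void) {
    struct irq *old = slot;
    slot = NULL;
    return old;
}

/* Models vgic_put_irq(): drop one reference, mark freed at zero. */
static void put_irq(struct irq *irq) {
    if (irq && --irq->refcount == 0)
        irq->freed = 1;
}

/*
 * Replay one fixed interleaving: contexts A and B both observe the entry
 * during their walk, then each erases and puts. The entry starts with two
 * references (assumption): one held by the cache, one by an ITE mapping it.
 * Returns the refcount left afterwards; 1 is correct (the ITE's reference).
 */
static int replay(int put_erased_only, int *freed) {
    struct irq irq = { .refcount = 2, .freed = 0 };
    slot = &irq;
    struct irq *seen_a = slot;   /* A's iteration cursor */
    struct irq *seen_b = slot;   /* B's iteration cursor, same entry */

    struct irq *erased_a = cache_erase();
    put_irq(put_erased_only ? erased_a : seen_a);
    struct irq *erased_b = cache_erase();   /* NULL: A already removed it */
    put_irq(put_erased_only ? erased_b : seen_b);

    *freed = irq.freed;
    return irq.refcount;
}

int main(void) {
    int freed;
    int left = replay(0, &freed);
    printf("put iterated pointer: refcount=%d freed=%d\n", left, freed);
    left = replay(1, &freed);
    printf("put erased entry:     refcount=%d freed=%d\n", left, freed);
    return 0;
}
```
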
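Overall assessment: CVE-2026-46316 is medium risk (40.9/100). CVSS severity is critical. Likelihood of exploitation is high (EPSS 0.20%, 10th percentile). Recommended action: Inventory the affected assets and include them in your remediation plan.
Risk changes over time. The content shown on this page is updated based on reassessment.
EPSS estimates the relative likelihood of exploitation on a daily basis. The percentile indicates the relative position among scored CVEs (higher means relatively more severe).
| # | Date | Old EPSS score | New EPSS score | Δ (new − old) |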
|---|---|---|---|---|
| 1 | 2026-06-23 | 0.13% | 0.20% | +0.07% |
| 2 | 2026-06-15 | 0.02% | 0.13% | +0.11% |
| 3 | 2026-06-10 | — | 0.02% | — |
Full EPSS history (3 entries in total)
CVSS metrics for this CVE.
| Base score | Version | Severity | Vector | Exploitability | Impact | Score source |
|---|---|---|---|---|---|---|
| 9.3 | 3.1 | CRITICAL | | 2.5 | 6.0 | 416baaa9-dc9f-4396-8d5f-8c081fb06d67 |
| 7.0 | 3.1 | HIGH | | 1.0 | 5.9 | 0b0ca135-0b70-47e7-9f44-1890c2a1c46c |
| vendor | priority | summary | link |
|---|---|---|---|
| debian | unimportant | CVE-2026-46316 unimportant priority: Debian including 1 source packages (linux), 5 status rows across 5 suites (bookworm, bullseye, forky, sid, trixie): resolved 5. | https://security-tracker.debian.org/tracker/CVE-2026-46316 |
| redhat | medium | — | https://access.redhat.com/security/cve/CVE-2026-46316 |
| suse | high | — | https://www.suse.com/security/cve/CVE-2026-46316/ |
| ubuntu | medium | CVE-2026-46316 medium priority: Ubuntu including 161 source packages (linux, linux-allwinner-5.19, …), 1449 status rows across 9 suites (bionic, focal, jammy, noble, questing, resolute, trusty, upstream, xenial): DNE 1044, ignored 172, not-affected 113, released 106, pending 9, needed 4, needs-triage 1. | https://ubuntu.com/security/CVE-2026-46316 |
| Vendor | Product | Version | Raw CPE |
|---|---|---|---|
| linux | linux_kernel | >= 6.10, < 6.12.93 | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* |
| linux | linux_kernel | >= 6.10, < 6.18.35 | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* |
| linux | linux_kernel | >= 6.10, < 7.0.12 | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* |
| linux | linux_kernel | >= 6.10, < 7.1 | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* |