CVE-2026-46168

Source
https://cve.org/CVERecord?id=CVE-2026-46168
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-46168.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2026-46168
Downstream
Related
Published
2026-05-28T09:36:23.394Z
Modified
2026-07-08T08:13:41.051660808Z
Summary
mptcp: fix scheduling with atomic in timestamp sockopt
Details

In the Linux kernel, the following vulnerability has been resolved:

mptcp: fix scheduling with atomic in timestamp sockopt

Using locksockfast() (atomic context) around socksettimestamp() and socksettimestamping() is unsafe, as both helpers can sleep.

Replace locksockfast() with sleepable locksock()/releasesock() to avoid scheduling while atomic panic.

Database specific
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/46xxx/CVE-2026-46168.json",
    "cna_assigner": "Linux"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
9061f24bf82ec2e92dd1e7c10b98b680db023d31
Fixed
0949d8bbbedbafe0136a1723c41eb823c2f1e09d
Fixed
e792cfb6aeaf65612cdf8e3ac431d65e66283654
Fixed
ebeb70e29e37cfce899309cc2665a3bfe960ed94
Fixed
b157dab93a7af44a84e78cf0cb311dde475cff5b
Fixed
8a005fe451c73fd2b3d1faa5643c11e6bd07acfc
Fixed
7eb513b42721bee4b96da69f6188d5a7783f210d
Fixed
b5c52908d52c6c8eb8933264aa6087a0600fd892

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-46168.json"

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
5.14.0
Fixed
5.15.209
Type
ECOSYSTEM
Events
Introduced
5.16.0
Fixed
6.1.175
Type
ECOSYSTEM
Events
Introduced
6.2.0
Fixed
6.6.140
Type
ECOSYSTEM
Events
Introduced
6.7.0
Fixed
6.12.88
Type
ECOSYSTEM
Events
Introduced
6.13.0
Fixed
6.18.30
Type
ECOSYSTEM
Events
Introduced
6.19.0
Fixed
7.0.7

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-46168.json"