CVE-2026-31398Improper Preservation of Permissions in Linux

CWE-281Improper Preservation of Permissions7 documents7 sources
Severity
7.0HIGH
No vector
EPSS
0.0%
top 94.14%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
LinuxLinux KernelDebian Linux
Timeline
PublishedApr 3

Description

In the Linux kernel, the following vulnerability has been resolved: mm/rmap: fix incorrect pte restoration for lazyfree folios We batch unmap anonymous lazyfree folios by folio_unmap_pte_batch. If the batch has a mix of writable and non-writable bits, we may end up setting the entire batch writable. Fix this by respecting writable bit during batching. Although on a successful unmap of a lazyfree folio, the soft-dirty bit is lost, preserve it on pte restoration by respecting the bit during bat

Affected Packages3 packages

Debianlinux/linux_kernel< 6.19.10-1
CVEListV5linux/linux354dffd29575cdf13154e8fb787322354aa9efc499888a4f340ca8e839a0524556bd4db76d63f4e0+3
debiandebian/linux< linux 6.19.10-1 (forky)

🔴Vulnerability Details

2
GHSA
GHSA-pvqr-5pwq-xc53: In the Linux kernel, the following vulnerability has been resolved: mm/rmap: fix incorrect pte restoration for lazyfree folios We batch unmap anonym2026-04-03
OSV
CVE-2026-31398: In the Linux kernel, the following vulnerability has been resolved: mm/rmap: fix incorrect pte restoration for lazyfree folios We batch unmap anonymou2026-04-03

📋Vendor Advisories

2
Red Hat
kernel: mm/rmap: fix incorrect pte restoration for lazyfree folios2026-04-03
Debian
CVE-2026-31398: linux - In the Linux kernel, the following vulnerability has been resolved: mm/rmap: fi...2026

🕵️Threat Intelligence

1
Wiz
CVE-2026-31398 Impact, Exploitability, and Mitigation Steps | Wiz

💬Community

1
Bugzilla
CVE-2026-31398 kernel: mm/rmap: fix incorrect pte restoration for lazyfree folios2026-04-03