{"@context":"https://openvex.dev/ns/v0.2.0","@id":"https://database.harborguard.co/cve/CVE-2026-46317/vex.json","author":"HarborGuard Database","role":"Document Creator","timestamp":"2026-06-14T04:30:12.036Z","version":1,"tooling":"HarborGuard Database (https://database.harborguard.co)","statements":[{"vulnerability":{"name":"CVE-2026-46317","@id":"https://www.cve.org/CVERecord?id=CVE-2026-46317","description":"In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: arm64: Reassign nested_mmus array behind mmu_lock\n\nkvm->arch.nested_mmus[] is walked under kvm->mmu_lock, including from the\nMMU notifier path (kvm_unmap_gfn_range() -> kvm_nested_s2_unmap()), which\ncan run at any time. kvm_vcpu_init_nested() reallocates the array and frees\nthe old buffer while holding only kvm->arch.config_lock, so such a walker\ncan reference the freed array.\n\nAllocate the new array outside of mmu_lock, a"},"products":[{"@id":"cpe:2.3:a:linux:linux:*:*:*:*:*:*:*:*","identifiers":{"cpe23":"cpe:2.3:a:linux:linux:*:*:*:*:*:*:*:*"}},{"@id":"cpe:2.3:a:linux:linux:6.11:*:*:*:*:*:*:*","identifiers":{"cpe23":"cpe:2.3:a:linux:linux:6.11:*:*:*:*:*:*:*"}}],"status":"affected","action_statement":"Update to a fixed version: 0, 4424dbcb06d68e34e51c019a5781a7dc00731971, 6.18.35, 7.0.12, 7.1-rc7, 70543358fa08e0f7cebc3447c3b70fe97ad7aaa8, 918450ad6010df6ecd2efde12a1409e011da22d6.","timestamp":"2026-06-14T04:30:12.036Z"}]}