{"@context":"https://openvex.dev/ns/v0.2.0","@id":"https://database.harborguard.co/cve/CVE-2026-46319/vex.json","author":"HarborGuard Database","role":"Document Creator","timestamp":"2026-06-14T04:30:13.452Z","version":1,"tooling":"HarborGuard Database (https://database.harborguard.co)","statements":[{"vulnerability":{"name":"CVE-2026-46319","@id":"https://www.cve.org/CVERecord?id=CVE-2026-46319","description":"In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: act_ct: Only release RCU read lock after ct_ft\n\nWhen looking up a flow table in act_ct in tcf_ct_flow_table_get(),\nrhashtable_lookup_fast() internally opens and closes an RCU read critical\nsection before returning ct_ft.\nThe tcf_ct_flow_table_cleanup_work() can complete before refcount_inc_not_zero()\nis invoked on the returned ct_ft resulting in a UAF on the already freed ct_ft\nobject. This vulnerability can lead to "},"products":[{"@id":"cpe:2.3:a:linux:linux:*:*:*:*:*:*:*:*","identifiers":{"cpe23":"cpe:2.3:a:linux:linux:*:*:*:*:*:*:*:*"}},{"@id":"cpe:2.3:a:linux:linux:5.7:*:*:*:*:*:*:*","identifiers":{"cpe23":"cpe:2.3:a:linux:linux:5.7:*:*:*:*:*:*:*"}}],"status":"affected","action_statement":"Update to a fixed version: 0, 17dfb67cb399b660105d9a8c6100851c0d0cdc70, 3e20e1b3058e0b94638e7b931c138e840e266724, 4c727c6967a41b37efe0f26332ca9ec5b74785a3, 5.10.258, 5.15.209, 6.1.175, 6.6.141, 6.12.91, 6.18.33, 67c9ecc9f2575273ed1323e312881fc98ac83d6d, 7.0.10, 7.1-rc1, a2e0c045c87aa252eb61412e67dd91f2c2b19f81, ece578ca61e572df96cfc80456357ebfae0b4b9e, f23424a0ddadb494d4bd57056a7ca703312d3a7b, f462dca0c8415bf0058d0ffa476354c4476d0f09.","timestamp":"2026-06-14T04:30:13.452Z"}]}