Copyright © 2012 Red Hat, Inc. All rights reserved.
Important
2026-05-27T00:00:00
kernel: selinux: fix overlayfs mmap() and mprotect() access checks
7.0
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE-280
In the Linux kernel, the following vulnerability has been resolved:
selinux: fix overlayfs mmap() and mprotect() access checks
The existing SELinux security model for overlayfs is to allow access if
the current task is able to access the top level file (the "user" file)
and the mounter's credentials are sufficient to access the lower
level file (the "backing" file). Unfortunately, the current code does
not properly enforce these access controls for both mmap() and mprotect()
operations on overlayfs filesystems.
This patch makes use of the newly created security_mmap_backing_file()
LSM hook to provide the missing backing file enforcement for mmap()
operations, and leverages the backing file API and new LSM blob to
provide the necessary information to properly enforce the mprotect()
access controls.
A flaw was found in the Linux kernel's SELinux security module when handling overlayfs. The existing security model for overlayfs does not properly enforce access controls for `mmap()` and `mprotect()` operations. This oversight could allow a local attacker to bypass intended security policies, potentially leading to unauthorized access to files within an overlayfs filesystem. The vulnerability is resolved by enhancing backing file enforcement for `mmap()` and leveraging new LSM (Linux Security Module) capabilities for `mprotect()` access controls.
Red Hat Enterprise Linux 10
Affected
kernel
Red Hat Enterprise Linux 6
Under investigation
kernel
Red Hat Enterprise Linux 7
Affected
kernel
Red Hat Enterprise Linux 7
Affected
kernel-rt
Red Hat Enterprise Linux 8
Affected
kernel
Red Hat Enterprise Linux 8
Affected
kernel-rt
Red Hat Enterprise Linux 9
Affected
kernel
Red Hat Enterprise Linux 9
Affected
kernel-rt
https://www.cve.org/CVERecord?id=CVE-2026-46054
https://nvd.nist.gov/vuln/detail/CVE-2026-46054
https://lore.kernel.org/linux-cve-announce/2026052754-CVE-2026-46054-b185@gregkh/T