{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-22T23:55:42.920","vulnerabilities":[{"cve":{"id":"CVE-2026-23056","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2026-02-04T17:16:16.273","lastModified":"2026-04-15T00:35:42.020","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nuacce: implement mremap in uacce_vm_ops to return -EPERM\n\nThe current uacce_vm_ops does not support the mremap operation of\nvm_operations_struct. Implement .mremap to return -EPERM to remind\nusers.\n\nThe reason we need to explicitly disable mremap is that when the\ndriver does not implement .mremap, it uses the default mremap\nmethod. This could lead to a risk scenario:\n\nAn application might first mmap address p1, then mremap to p2,\nfollowed by munmap(p1), and finally munmap(p2). Since the default\nmremap copies the original vma's vm_private_data (i.e., q) to the\nnew vma, both munmap operations would trigger vma_close, causing\nq->qfr to be freed twice(qfr will be set to null here, so repeated\nrelease is ok)."},{"lang":"es","value":"En el kernel de Linux, la siguiente vulnerabilidad ha sido resuelta:\n\nuacce: implementar mremap en uacce_vm_ops para devolver -EPERM\n\nEl uacce_vm_ops actual no soporta la operación mremap de vm_operations_struct. Implementar .mremap para devolver -EPERM para recordar a los usuarios.\n\nLa razón por la que necesitamos deshabilitar explícitamente mremap es que cuando el controlador no implementa .mremap, utiliza el método mremap predeterminado. Esto podría llevar a un escenario de riesgo:\n\nUna aplicación podría primero mmap la dirección p1, luego mremap a p2, seguido de munmap(p1), y finalmente munmap(p2). Dado que el mremap predeterminado copia el vm_private_data del vma original (es decir, q) al nuevo vma, ambas operaciones munmap activarían vma_close, causando que q->qfr se libere dos veces (qfr se establecerá en nulo aquí, por lo que la liberación repetida está bien)."}],"metrics":{},"references":[{"url":"https://git.kernel.org/stable/c/02695347be532b628f22488300d40c4eba48b9b7","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67"},{"url":"https://git.kernel.org/stable/c/4c042bc71474dbe417c268f4bfb8ec196f802f07","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67"},{"url":"https://git.kernel.org/stable/c/75b29bdc935ff93b8e8bf6f6b4d8a4810b26e06f","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67"},{"url":"https://git.kernel.org/stable/c/78d99f062d42e3af2ca46bde1a8e46e0dfd372e3","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67"},{"url":"https://git.kernel.org/stable/c/a407ddd61b3e6afc5ccfcd1478797171cf5686ee","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67"},{"url":"https://git.kernel.org/stable/c/ba29b59d124e725e0377f09b2044909c91d657a1","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67"},{"url":"https://git.kernel.org/stable/c/ebfa85658a39b49ec3901ceea7535b73aa0429e6","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67"}]}}]}