Multiple Critical Flaws Found in Recent Linux Kernels
Security researchers have flagged three critical vulnerabilities in recent Linux kernel versions, including denial-of-service, memory leaks, and potential arbitrary code execution. These flaws, reported by vuldb.com, generally require local access, but underscore ongoing challenges in OS security. System administrators should prepare for upcoming patches.
On May 27, 2026, security firm vuldb.com reported a trio of critical vulnerabilities affecting several recent versions of the Linux kernel. These aren't the kind of flaws that let attackers walk in off the internet, but they present serious risks for compromised systems or malicious local users, ranging from denial-of-service to potential arbitrary code execution.
The revelations highlight the continuous cat-and-mouse game inherent in maintaining the security of an operating system as widely deployed as Linux. While the kernel's open-source nature often means vulnerabilities are found and fixed quickly, these newly published CVEs remind us that even the most scrutinized codebases have their weak spots.
The New Crop of Kernel Bugs
Let's break down what's been found. First up, CVE-2026-46052 points to an infinite loop bug within the kernel's `d_add` function. This flaw, deemed critical, affects kernels up to versions 6.6.139, 6.12.85, 6.18.26, and 7.0.3. An attacker with access to the local network could trigger this, effectively causing a denial-of-service (DoS) as the system gets stuck in a loop, unable to process other tasks. Imagine a server suddenly becoming unresponsive because a malicious actor on the same internal network decided to mess with a core filesystem operation.
Then there's CVE-2026-46042, a critical memory leak found in the `weighted_interleave_auto_store` function. This one impacts a slightly narrower range of recent kernels: up to 6.18.26 and 7.0.3. A memory leak might not sound as immediately catastrophic as an infinite loop, but over time, it can degrade system performance, crash services, or even disclose sensitive information by making parts of memory readable that shouldn't be. The source notes that the attack must originate from the loopback interface (`lo`), meaning it requires execution on the local machine itself, likely by a privileged user or a compromised application.
Rounding out this trio is CVE-2026-46064, a heap-based buffer overflow in the `ibmasm_send_i2o_message` function. This vulnerability, also rated critical, targets the same broad set of kernels as the infinite loop bug (up to 6.6.139, 6.12.85, 6.18.26, and 7.0.3). Heap overflows are particularly dangerous because they can allow an attacker to write data beyond an allocated memory buffer, potentially corrupting other data structures or even injecting and executing arbitrary code. While the exact attack vector isn't fully detailed in the source, it's generally safe to assume such flaws require specific local or privileged conditions to exploit, similar to the other two.
Implications and What's Next
It’s important to note the common thread here: all three vulnerabilities appear to require some form of local access or specific conditions to be exploited. This means they aren't directly exploitable from the open internet, which is a small comfort. However, they are still incredibly serious. A local privilege escalation (LPE) vulnerability allows a low-privileged user or a piece of malware to gain root access, taking full control of the system. In cloud environments or shared hosting, an LPE can lead to container escapes or compromise of neighboring virtual machines.
For system administrators and developers, these reports mean a busy period ahead. Kernel updates are frequent, but applying them across an entire fleet of servers or devices takes planning. We’ll be watching for official patches from major Linux distributions like Red Hat, Ubuntu, Debian, and Fedora, which usually incorporate these fixes quickly after they become public. The fact that vuldb.com has assigned CVEs and published these details on May 27, 2026, suggests that the information is now broadly available to both defenders and potential attackers.
Why it matters: These vulnerabilities, while not remotely exploitable in the classic sense, provide powerful tools for attackers who have already gained a foothold on a system. Whether it's to elevate privileges, cause widespread disruption, or steal data, these critical flaws demand attention. Keeping Linux systems patched, even minor version bumps, is crucial for maintaining a strong security posture against both known threats and these freshly discovered ones.
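A first-pass fleet triage built on the version ceilings quoted above, added here as an example; it is not code from vuldb.com or from the kernel project. It assumes "up to X" means an inclusive ceiling within each stable branch, and the hostnames, release strings and function names are constructed for illustration.

```python
import re

# Ceilings copied from the article: branch -> highest affected patch level.
# Assumption: "up to X" is inclusive and applies per stable branch.
WIDE = {(6, 6): 139, (6, 12): 85, (6, 18): 26, (7, 0): 3}
NARROW = {(6, 18): 26, (7, 0): 3}
CEILINGS = {
    "CVE-2026-46052": WIDE,    # d_add infinite loop
    "CVE-2026-46042": NARROW,  # weighted_interleave_auto_store memory leak
    "CVE-2026-46064": WIDE,    # ibmasm_send_i2o_message heap overflow
}

_RELEASE = re.compile(r"^(\d+)\.(\d+)(?:\.(\d+))?")

def parse_release(release):
    """Split a `uname -r` string into ((major, minor), patch); None if unparseable."""
    m = _RELEASE.match(release.strip())
    if not m:
        return None
    return (int(m.group(1)), int(m.group(2))), int(m.group(3) or 0)

def triage(release):
    """Map each CVE to 'in-range', 'above-ceiling' or 'branch-not-listed'."""
    parsed = parse_release(release)
    if parsed is None:
        return {cve: "unparseable" for cve in CEILINGS}
    branch, patch = parsed
    result = {}
    for cve, ceilings in CEILINGS.items():
        if branch not in ceilings:
            # The article gives no data for this branch: do not treat as safe.
            result[cve] = "branch-not-listed"
        elif patch <= ceilings[branch]:
            result[cve] = "in-range"
        else:
            result[cve] = "above-ceiling"
    return result

# Constructed inventory (hostnames and release strings are made up).
INVENTORY = {
    "web-01": "6.6.120-generic",
    "db-02": "6.12.86",
    "build-03": "7.0.3-custom",
    "edge-04": "6.1.150-lts",
}

if __name__ == "__main__":
    for host, rel in INVENTORY.items():
        print(host, rel, triage(rel))
```

Distribution kernels routinely backport fixes without changing the upstream version number, so an "in-range" result is a prompt to check the vendor advisory, and "branch-not-listed" means only that the article gives no data for that branch.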
Sources
- CVE-2026-46052 | Linux Kernel up to 6.6.139/6.12.85/6.18.26/7.0.3 d_add infinite loop · vuldb.com
- CVE-2026-46042 | Linux Kernel up to 6.18.26/7.0.3 weighted_interleave_auto_store memory leak · vuldb.com
- CVE-2026-46064 | Linux Kernel up to 6.6.139/6.12.85/6.18.26/7.0.3 ibmasm_send_i2o_message heap-based overflow · vuldb.com