¡¾·ì϶¹«¸æ¡¿Linux Kernel net_sched act_pedit±¾µØÌáȨ·ì϶(CVE-2026-46331)

°ä²¼¹¦·ò 2026-06-17

Ò»¡¢·ì϶¸ÅÊö


0617·ì϶¸ÅÊö.png


Linux KernelÊÇLinux²Ù×÷ϵͳµÄÖ÷Ìâ×é¼þ£¬Õƹܹý³Ìµ÷¶È¡¢ÄÚ´æÖÎÀí¡¢ÍøÂçºÍ̸ջ¼°É豸Çý¶¯µÈ»ù´¡Ö°ÄÜ¡£ÆäÖÐnet/sched×ÓϵͳÌṩÁ÷Á¿½ÚÔìºÍÊý¾Ý°ü±à×ëÄÜÁ¦£¬Ö§³ÖQoS¡¢Traffic Control¹æ¶¨¼°ÍøÂçÕ½ÊõÖÎÀí£¬¿í·ºÀûÓÃÓÚ·þÎñÆ÷¡¢ÔÆÆ½Ì¨¡¢ÈÝÆ÷»·¾³¼°ÍøÂçÉ豸¡£


2026Äê6ÔÂ17ÈÕ£¬mansion88Ã÷Éý°²È«Ó¦¼±ÏìÓ¦ÖÐÐÄ£¨VSRC£©¼à²âµ½Linux Kernel net_sched act_pedit±¾µØÌáȨ·ì϶¡£¸Ã·ì϶λÓÚnet/sched/act_pedit.cÎļþ£¬ÓÉÓÚtcf_pedit_act()ÔÚÖ´ÐÐCopy-On-Write´¦ÖÃʱδ˼¿¼typed keyÔËÐÐÊ±Æ«ÒÆ£¬µ¼Ö²¿ÃÅдÈëÇøÓòδʵÏÖCOW¸´Ô죬´Ó¶ø²úÉúÒ³»º´æ´«È¾ÎÊÌâ¡£¹¥»÷Õß¿ÉÀûÓÃÓû§¶¨Ãû¿Õ¼ä¼°CAP_NET_ADMINȨÏÞ»ú¹Ø¶ñÒâÁ÷Á¿½ÚÔì¹æ¶¨£¬¶ÔÕý±¾Ö»¶ÁÎļþ¶ÔÓ¦µÄÒ³»º´æÄÚÈݽøÐÐÅú¸Ä£¬½øÒ»²½¸²¸ÇSUID·¨Ê½´úÂë²¢Ö´ÐÐËÁÒâÖ¸Á×îÖÕ»ñµÃrootȨÏÞ¡£



¶þ¡¢Ó°ÏìÁìÓò



5.18 <= Linux Kernel < 7.1-rc7

ÒÑÑéÖ¤´æÔÚ·ì϶µÄ»·¾³Ô̺¬£º

RHEL 10.0£¨6.12.0-228.el10£©

Debian 13£¨6.12.90+deb13.1£©

Ubuntu 24.04.4£¨6.17.0-22£©

Ubuntu 26.04£¨7.0.0-14-generic£©»·¾³ÖÐδ³É¹¦ÀûÓÃ



Èý¡¢°²È«´ëÊ©



3.1 Éý¼¶°æ±¾


Linux Kernel¹Ù·½ÒѰ䲼½¨¸´²¹¶¡£¬Ö÷Ì⽨¸´ÌύΪ£º

899ee91156e57784090c5565e4f31bd7dbffbc5a

´Ë±í£¬¹Ù·½Í¬²½°ä²¼Á˲¹³ä½¨¸´Ìá½»£º

d504a978572202ef43ac5ecfec2030adda64b13e

ÏÂÔØÁ´½Ó£º

https://github.com/torvalds/linux/commit/899ee91156e57784090c5565e4f31bd7dbffbc5a/

https://github.com/torvalds/linux/commit/d504a978572202ef43ac5ecfec2030adda64b13e


3.2 һʱ´ëÊ©


ÔÝÎÞ¡£


3.3 ͨÓý¨Òé


¶¨ÆÚ¸üÐÂϵͳ²¹¶¡£¬Ï÷¼õϵͳ·ì϶£¬ÌáÉý·þÎñÆ÷µÄ°²È«ÐÔ¡£

¼ÓǿϵͳºÍÍøÂçµÄ½Ó¼û½ÚÔ죬Åú¸Ä·À»ðǽսÊõ£¬¹Ø¹Ø·Ç±ØÒªµÄÀûÓö˿ڻò·þÎñ£¬Ï÷¼õ½«Î£ÏÕ·þÎñ£¨ÈçSSH¡¢RDPµÈ£©Â¶³öµ½¹«Íø£¬Ï÷¼õ¹¥»÷Ãæ¡£

ʹÓÃÆóÒµ¼¶°²È«²úÆ·£¬ÌáÉýÆóÒµµÄÍøÂ簲ȫ»úÄÜ¡£

¼ÓǿϵͳÓû§ºÍȨÏÞÖÎÀí£¬ÆôÓöà³É·ÖÈÏÖ¤»úÔìºÍ×îÓ×ȨÏÞ×¼Ôò£¬Óû§ºÍÈí¼þȨÏÞӦά³ÖÔÚ×îµÍÏÞ¶È¡£

ÆôÓÃÇ¿ÃÜÂëÕ½Êõ²¢ÉèÖÃΪ¶¨ÆÚÅú¸Ä¡£


3.4 ²Î¿¼Á´½Ó


https://nvd.nist.gov/vuln/detail/CVE-2026-46331/

https://github.com/torvalds/linux/commit/899ee91156e57784090c5565e4f31bd7dbffbc5a

https://github.com/torvalds/linux/commit/d504a978572202ef43ac5ecfec2030adda64b13e

https://github.com/sgkdev/packet_edit_meme