VYPR
Medium severity5.5NVD Advisory· Published May 27, 2026· Updated Jun 16, 2026

CVE-2026-46040

CVE-2026-46040

Description

In the Linux kernel, the following vulnerability has been resolved:

inotify: fix watch count leak when fsnotify_add_inode_mark_locked() fails

When fsnotify_add_inode_mark_locked() fails in inotify_new_watch(), the error path calls inotify_remove_from_idr() but does not call dec_inotify_watches() to undo the preceding inc_inotify_watches(). This leaks a watch count, and repeated failures can exhaust the max_user_watches limit with -ENOSPC even when no watches are active.

Prior to commit 1cce1eea0aff ("inotify: Convert to using per-namespace limits"), the watch count was incremented after fsnotify_add_mark_locked() succeeded, so this path was not affected. The conversion moved inc_inotify_watches() before the mark insertion without adding the corresponding rollback.

Add the missing dec_inotify_watches() call in the error path.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

3

Patches

Vulnerability mechanics

References

8

News mentions

0

No linked articles in our index yet.