🟠 High | Source: Microsoft Security Response Center
CVE-2026-46331 is a Linux kernel vulnerability in the network packet scheduler (net/sched) subsystem, specifically in the ‘pedit’ action, where an incomplete copy-on-write operation can corrupt the page cache. This can lead to memory corruption affecting workloads sharing kernel resources. The issue is relevant to Azure environments where Linux-based virtual machines or container workloads run on shared kernel infrastructure.
Security Architect’s Take: Ensure all Linux-based Azure VMs and AKS node pools are running patched kernel versions as soon as Microsoft and upstream distributions release fixes; prioritise workloads with network policy enforcement or traffic shaping configurations that use tc/pedit rules, as these are most directly exposed.
Original advisory: CVE-2026-46331 net/sched: fix pedit partial COW leading to page cache corruption