CVE-2026-46331: Linux net/sched Pedit Page Cache Bug
🟠 High | Source: Microsoft Security Response Center CVE-2026-46331 is a Linux kernel vulnerability in the network packet scheduler (net/sched) subsystem, specifically in the ‘pedit’ action, where an incomplete copy-on-write operation can corrupt the page cache. This can lead to memory corruption affecting workloads sharing kernel resources. The issue is relevant to Azure environments where Linux-based virtual machines or container workloads run on shared kernel infrastructure. Security Architect’s Take: Ensure all Linux-based Azure VMs and AKS node pools are running patched kernel versions as soon as Microsoft and upstream distributions release fixes; prioritise workloads with network policy enforcement or traffic shaping configurations that use tc/pedit rules, as these are most directly exposed. ...