Out-of-Bounds Buffer Access in Linux Kernel Affects Device Drivers
CVE-2026-46197

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 28 May 2026

What is CVE-2026-46197?

A vulnerability exists in the Linux kernel that permits out-of-bounds buffer access due to inadequate validation of the 'nattr' field against buffer size during SVM ioctl operations. This flaw could potentially be exploited through user-controlled attribute count, leading to unexpected behavior or system crashes. Proper validation mechanisms have been established to avert this security issue, ensuring enhanced integrity and stability of device drivers.

Affected Version(s)

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 91c6dc5a41695d02dfc6299f106ac38a6c493e52

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

References

https://git.kernel.org/stable/c/91c6dc5a41695d02dfc6299f1...

https://git.kernel.org/stable/c/ccd060b5c7cc75ae7e211c250...

https://git.kernel.org/stable/c/db9530a9873a7c85d2266a922...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 28, 2026
Vulnerability Reserved
May 13, 2026

CVE-2026-46197 Data

JSON