Linux Kernel Vulnerability in drm/msm/gem Affecting Error Handling
CVE-2026-46211

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 28 May 2026

What is CVE-2026-46211?

A vulnerability exists in the Linux kernel's drm/msm/gem module where the function msm_ioctl_gem_info_get_metadata() fails to accurately report errors. It erroneously returns a success status (0) regardless of whether operations like copy_to_user() are successful, misleading userspace applications. Furthermore, a lack of error checking on the kmemdup() function can lead to a NULL pointer dereference, potentially causing crashes. The issue has been addressed by ensuring proper return codes are used and by adding necessary NULL checks.

Affected Version(s)

Linux 9902cb999e4e913d98e8afe4b36c08e4a793e1ce < 697e1a9559f6962f999cc4c748c2ffffcc0a7a7a

Linux 9902cb999e4e913d98e8afe4b36c08e4a793e1ce

References

https://git.kernel.org/stable/c/697e1a9559f6962f999cc4c74...

https://git.kernel.org/stable/c/c57c861956b89f2e2528e6384...

https://git.kernel.org/stable/c/b079e85c91f446f29e808d829...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 28, 2026
Vulnerability Reserved
May 13, 2026

CVE-2026-46211 Data

JSON