NULL Pointer Dereference in Linux Kernel Affecting WPCM-FIU
CVE-2026-46261

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 3 June 2026

What is CVE-2026-46261?

A vulnerability exists in the Linux kernel related to the WPCM-FIU, where the function platform_get_resource_byname() may return a NULL value. This could lead to a NULL pointer dereference when this pointer is passed to resource_size(), potentially causing a system crash. The fix involves moving the assignment of fiu->memory_size to occur after performing an error check on devm_ioremap_resource(), ensuring that such dereferences are handled safely.

Affected Version(s)

Linux 9838c182471ee5532824bae7f2669d3539719f78 < 9e5cb7e67fbdb8320d68d87db882a92b36f6a1d9

Linux 9838c182471ee5532824bae7f2669d3539719f78 < 2c538a0b3472e99c892c26f4940da38b7d87f632

Linux 9838c182471ee5532824bae7f2669d3539719f78 < 0f93a80eb3fd596ddc5730d05e0e8c88e1aa2891

References

https://git.kernel.org/stable/c/9e5cb7e67fbdb8320d68d87db...

https://git.kernel.org/stable/c/2c538a0b3472e99c892c26f49...

https://git.kernel.org/stable/c/0f93a80eb3fd596ddc5730d05...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 3, 2026
Vulnerability Reserved
May 13, 2026

CVE-2026-46261 Data

JSON