SB2026052859 - Out-of-bounds read in Linux kernel misc ibmasm driver
Published: May 28, 2026
Description
This security bulletin contains information about 1 vulnerability.
1) Out-of-bounds read (CVE-ID: CVE-2026-46022)
CWE-ID: CWE-125 - Out-of-bounds read
CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows a remote user to cause a denial of service.
The vulnerability exists due to an out-of-bounds read in ibmasm_handle_mouse_interrupt() when handling a mouse interrupt with out-of-range queue reader or writer indices from MMIO registers. A remote privileged user can write a crafted out-of-range value to the reader or writer MMIO register before asserting an interrupt to cause a denial of service.
For sufficiently large index values, the resulting MMIO access can fall outside the PCI BAR mapping and trigger a machine check exception.
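The range check this kind of bug calls for, as an added example that is not the ibmasm driver's code or the upstream fix. It is a user-space C model in which the BAR mapping is a byte array; every register offset, size and function name is an assumption made for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed model: every name, offset and size here is an assumption. */
#define BAR_SIZE    4096u   /* simulated PCI BAR mapping */
#define REG_READER  0x10u   /* ring indices, writable by the device */
#define REG_WRITER  0x14u
#define QUEUE_BASE  0x100u  /* offset of the first ring entry */
#define QUEUE_SLOTS 60u
#define ENTRY_SIZE  8u

static uint32_t reg_read(const uint8_t *bar, uint32_t off) {
    uint32_t v;
    memcpy(&v, bar + off, sizeof v);
    return v;
}

/* Returns entries consumed, or -1 if the device reports an index outside the ring. */
int drain_queue(uint8_t *bar, uint8_t out[][ENTRY_SIZE], int max_out) {
    int n = 0;

    for (;;) {
        uint32_t reader = reg_read(bar, REG_READER);
        uint32_t writer = reg_read(bar, REG_WRITER);

        /* Re-validate on every pass: the device can change either index at any time. */
        if (reader >= QUEUE_SLOTS || writer >= QUEUE_SLOTS)
            return -1;
        if (reader == writer || n == max_out)
            return n;
        /* The index is known to be in range before it becomes an offset. */
        memcpy(out[n++], bar + QUEUE_BASE + reader * ENTRY_SIZE, ENTRY_SIZE);
        reader = (reader + 1) % QUEUE_SLOTS;
        memcpy(bar + REG_READER, &reader, sizeof reader);
    }
}

/* Build a constructed BAR image with the given register values and drain it. */
int run_case(uint32_t reader, uint32_t writer) {
    uint8_t bar[BAR_SIZE] = {0};
    uint8_t out[QUEUE_SLOTS][ENTRY_SIZE];

    memcpy(bar + REG_READER, &reader, sizeof reader);
    memcpy(bar + REG_WRITER, &writer, sizeof writer);
    return drain_queue(bar, out, (int)QUEUE_SLOTS);
}

int main(void) {
    printf("in range: %d, out of range: %d\n", run_case(2, 5), run_case(0x10000000u, 0));
    return 0;
}
```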
Remediation
Install the update from the vendor's website.
References
- https://git.kernel.org/stable/c/07c4f18b303106e6b24492c12b95d48a4b985841
- https://git.kernel.org/stable/c/1ca75f6b74ec7f685464e5745ecfcf3a76d284e9
- https://git.kernel.org/stable/c/22a16d3eafee92a165c756081587c95850127107
- https://git.kernel.org/stable/c/4b6e6ead556734bdc14024c5f837132b1e7a4b84
- https://git.kernel.org/stable/c/fc7e9a74e32299d7e93e178ca482a0b59ef1595b