Out-of-bounds read in Linux kernel - CVE-2026-46022
Published: May 28, 2026
Vulnerability identifier: #VU132472
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2026-46022
CWE-ID: CWE-125
Exploitation vector: Local access
Exploit availability:
No public exploit available
Vendor: Linux Foundation
Affected software:
Linux kernel
Linux kernel
Detailed vulnerability description
The vulnerability allows a remote user to cause a denial of service.
The vulnerability exists due to an out-of-bounds read in ibmasm_handle_mouse_interrupt() when handling a mouse interrupt with out-of-range queue reader or writer indices from MMIO registers. A remote privileged user can write a crafted out-of-range value to the reader or writer MMIO register before asserting an interrupt to cause a denial of service.
For sufficiently large index values, the resulting MMIO access can fall outside the PCI BAR mapping and trigger a machine check exception.
How to mitigate CVE-2026-46022
Install security update from vendor's repository.
Sources
- https://git.kernel.org/stable/c/07c4f18b303106e6b24492c12b95d48a4b985841
- https://git.kernel.org/stable/c/1ca75f6b74ec7f685464e5745ecfcf3a76d284e9
- https://git.kernel.org/stable/c/22a16d3eafee92a165c756081587c95850127107
- https://git.kernel.org/stable/c/4b6e6ead556734bdc14024c5f837132b1e7a4b84
- https://git.kernel.org/stable/c/fc7e9a74e32299d7e93e178ca482a0b59ef1595b