CVE-2026-46065
Published: May 27, 2026
Modified: May 30, 2026
CVSS v3.1
7.8
Description
In the Linux kernel, the following vulnerability has been resolved:

fbdev: defio: Disconnect deferred I/O from the lifetime of struct fb_info

Hold state of deferred I/O in struct fb_deferred_io_state. Allocate an instance as part of initializing deferred I/O and remove it only after the final mapping has been closed. If the fb_info and the contained deferred I/O meanwhile go away, clear struct fb_deferred_io_state.info to invalidate the mapping. Any access will then result in a SIGBUS signal.

Fixes a long-standing problem, where a device hot-unplug happens while user space still has an active mapping of the graphics memory. The hot-unplug frees the instance of struct fb_info. Accessing the memory will operate on undefined state.
| Vendor | Product | Versions |
|---|---|---|
| Linux | Linux | affected 60b59beafba875aef6d378078bce0baf2287ae14 - < 2a40f8bc9bb713329f1c35ffc199ee961a7135b0; affected 60b59beafba875aef6d378078bce0baf2287ae14 - < 2b53d3a52e8e5403a4f4fb57ac6cad3fd2cb1066; affected 60b59beafba875aef6d378078bce0baf2287ae14 - < 25c2b77bc463f29ee71a54b883548baf9386a0db; affected 60b59beafba875aef6d378078bce0baf2287ae14 - < a0aafb421dd15e935d81543152617f2742cefa70; affected 60b59beafba875aef6d378078bce0baf2287ae14 - < 9ded47ad003f09a94b6a710b5c47f4aa5ceb7429 |
| Linux | Linux | affected 2.6.22; unaffected 0 - < 2.6.22; unaffected 6.6.140 - <= 6.6.*; unaffected 6.12.88 - <= 6.12.*; unaffected 6.18.30 - <= 6.18.*; +2 more versions |
CVSS v3.1 Details
CVSS v3.1 Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High