CVE-2026-46075

medium Red Hat
Published: May 27, 2026 (44 days ago)
Last Modified: May 27, 2026
Vendor: Red Hat
Source: REDHAT

Description

A flaw was found in the Linux kernel, specifically within the `atmel-sha204a` cryptographic hardware random number generator (hwrng) driver. During the device removal process, a race condition can occur where a queued callback might execute while the device is being torn down. This can lead to a Use-After-Free (UAF) vulnerability, potentially allowing an attacker to execute arbitrary code or cause a denial of service. Additionally, an issue with early returns in the removal path could prevent proper freeing of resources, resulting in a memory leak.

CWE

CWE-364

Affected Products

Red Hat Enterprise Linux 10Red Hat Enterprise Linux 6Red Hat Enterprise Linux 7Red Hat Enterprise Linux 8Red Hat Enterprise Linux 9

References