CVE-2026-46075
mediumVulnerability Report
Generated by CyberWatcher
Description
A flaw was found in the Linux kernel, specifically within the `atmel-sha204a` cryptographic hardware random number generator (hwrng) driver. During the device removal process, a race condition can occur where a queued callback might execute while the device is being torn down. This can lead to a Use-After-Free (UAF) vulnerability, potentially allowing an attacker to execute arbitrary code or cause a denial of service. Additionally, an issue with early returns in the removal path could prevent proper freeing of resources, resulting in a memory leak.
CWE
CWE-364Affected Products
Red Hat Enterprise Linux 10Red Hat Enterprise Linux 6Red Hat Enterprise Linux 7Red Hat Enterprise Linux 8Red Hat Enterprise Linux 9