CVE-2026-46141

medium Red Hat
EPSS Score
0.0%
Exploitation probability in 30 days
Top 96% most likely to be exploited
Published: May 28, 2026 (43 days ago)
Last Modified: May 28, 2026
Vendor: Red Hat
Source: REDHAT

Description

A flaw was found in the Linux kernel's powerpc/xive interrupt controller. This vulnerability, identified as a kernel memory leak (kmemleak), occurs when allocating Message Signaled Interrupts eXtended (MSI-X) vectors for NVMe devices. Due to an incorrect lookup of interrupt data, the `xive_irq_data` structure is not properly freed, leading to a gradual consumption of kernel memory. Over time, this memory leak could potentially lead to system instability or a denial of service (DoS).

CWE

CWE-763

Affected Products

Red Hat Enterprise Linux 10Red Hat Enterprise Linux 6Red Hat Enterprise Linux 7Red Hat Enterprise Linux 8Red Hat Enterprise Linux 9

References