CVE-2026-46147

medium Red Hat
EPSS Score
0.0%
Exploitation probability in 30 days
Top 96% most likely to be exploited
Published: May 28, 2026 (43 days ago)
Last Modified: May 28, 2026
Vendor: Red Hat
Source: REDHAT

Description

A flaw was found in the Linux kernel's Kernel-based Virtual Machine (KVM) for ARM64 architectures. During the vCPU initialization process, a pin leak can occur, leading to a permanent loss of references to host vCPU and SVE state pages. Additionally, a concurrent process might observe a partially initialized vCPU object due to improper publication ordering. These issues could lead to resource exhaustion and system instability, potentially resulting in a denial of service.

CWE

CWE-772

Affected Products

Red Hat Enterprise Linux 10Red Hat Enterprise Linux 6Red Hat Enterprise Linux 7Red Hat Enterprise Linux 8Red Hat Enterprise Linux 9

References