CVE-2026-46264

medium Red Hat
Published: June 3, 2026 (37 days ago)
Last Modified: June 3, 2026
Vendor: Red Hat
Source: REDHAT

Description

A flaw was found in the Linux kernel's drm/xe/pf component. This vulnerability arises during the initialization of the sysfs interface, where an error in `devm_add_action_or_reset()` can cause a cleanup action to execute on an uninitialized kernel object. This can lead to a use-after-free condition, which may allow a local attacker to cause a system crash (Denial of Service) or potentially escalate their privileges.

CWE

CWE-824

Affected Products

Red Hat Enterprise Linux 10Red Hat Enterprise Linux 6Red Hat Enterprise Linux 7Red Hat Enterprise Linux 8Red Hat Enterprise Linux 9

References