CVE-2026-46267

medium Red Hat
Published: June 3, 2026 (37 days ago)
Last Modified: June 3, 2026
Vendor: Red Hat
Source: REDHAT

Description

A flaw was found in the Linux kernel's Near Field Communication (NFC) Host Controller Interface (HCI) Synchronous High-level Data Link Control (SHDLC) subsystem. This vulnerability arises because timers and work items can remain active and access freed SHDLC state and data queues during the deinitialization process (`llc_shdlc_deinit()`). This can lead to a Use-After-Free (UAF) condition and other shutdown race issues, potentially causing system instability or crashes.

CWE

CWE-364

Affected Products

Red Hat Enterprise Linux 10Red Hat Enterprise Linux 6Red Hat Enterprise Linux 7Red Hat Enterprise Linux 8Red Hat Enterprise Linux 9

References