CVE-2026-46147

🗓️ 28 May 2026 09:36:03Reported by LinuxType

This patch fixes pin leak and publication order in KVM arm64 vCPU initialization.

Reporter	Title	Published	Views	Family All 147
Tenable Nessus	Amazon Linux 2023 : bpftool6.18, kernel6.18, kernel6.18-devel (ALAS2023-2026-1754)	27 May 202600:00	–	nessus
Tenable Nessus	Linux Distros Unpatched Vulnerability : CVE-2026-46147	29 May 202600:00	–	nessus
CNNVD	Linux kernel 安全漏洞	28 May 202600:00	–	cnnvd
Cvelist	CVE-2026-46147 KVM: arm64: Fix pin leak and publication ordering in __pkvm_init_vcpu()	28 May 202609:36	–	cvelist
Debian CVE	CVE-2026-46147	28 May 202609:36	–	debiancve
EUVD	EUVD-2026-32774	28 May 202609:36	–	euvd
NVD	CVE-2026-46147	28 May 202610:16	–	nvd
OSV	BELL-CVE-2026-46147	2 Jun 202606:11	–	osv
OSV	DEBIAN-CVE-2026-46147	28 May 202610:16	–	osv
OSV	OPENSUSE-SU-2026:10954-1 kernel-devel-7.0.11-1.1 on GA media	4 Jun 202600:00	–	osv

NVD

Vulners

CNA

Node

linux linux_kernelRange<6.18.30

linux linux_kernelRange6.19–7.0.7

linux linux_kernelMatch7.1rc1

[
  {
    "product": "Linux",
    "vendor": "Linux",
    "defaultStatus": "unaffected",
    "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
    "programFiles": [
      "arch/arm64/kvm/hyp/nvhe/pkvm.c"
    ],
    "versions": [
      {
        "version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
        "lessThan": "7d3c27b54253cda91dc4d2c1bfc109c490837ab9",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
        "lessThan": "6d69c0ed978f7f0efd053fc98390f25ab77c1aea",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
        "lessThan": "73b9c1e5da84cd69b1a86e374e450817cd051371",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "0",
        "lessThan": "6.18.30",
        "status": "affected",
        "versionType": "semver"
      },
      {
        "version": "0",
        "lessThan": "7.0.7",
        "status": "affected",
        "versionType": "semver"
      }
    ]
  },
  {
    "product": "Linux",
    "vendor": "Linux",
    "defaultStatus": "affected",
    "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
    "programFiles": [
      "arch/arm64/kvm/hyp/nvhe/pkvm.c"
    ],
    "versions": [
      {
        "version": "6.18.30",
        "lessThanOrEqual": "6.18.*",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "7.0.7",
        "lessThanOrEqual": "7.0.*",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "7.1",
        "lessThanOrEqual": "*",
        "status": "unaffected",
        "versionType": "original_commit_for_fix"
      }
    ]
  }
]

Source	Link
git	www.git.kernel.org/stable/c/73b9c1e5da84cd69b1a86e374e450817cd051371
git	www.git.kernel.org/stable/c/7d3c27b54253cda91dc4d2c1bfc109c490837ab9
git	www.git.kernel.org/stable/c/6d69c0ed978f7f0efd053fc98390f25ab77c1aea

17 Jun 2026 10:53Current

5.8Medium risk

Vulners AI Score5.8

CVSS 3.15.5

EPSS0.00126

CWE-401