CVE-2026-46169

🗓️ 28 May 2026 09:36:24Reported by LinuxType

Fix KMSAN uninit data in hfsplus by validating catalog record sizes with a read/validate wrapper.

Reporter	Title	Published	Views	Family All 76
ATTACKERKB	CVE-2026-46169	28 May 202609:36	–	attackerkb
CNNVD	Linux kernel 安全漏洞	28 May 202600:00	–	cnnvd
Cvelist	CVE-2026-46169 hfsplus: fix uninit-value by validating catalog record size	28 May 202609:36	–	cvelist
Debian CVE	CVE-2026-46169	28 May 202609:36	–	debiancve
EUVD	EUVD-2026-32796	28 May 202609:36	–	euvd
NVD	CVE-2026-46169	28 May 202610:16	–	nvd
OSV	BELL-CVE-2026-46169	29 May 202606:09	–	osv
OSV	DEBIAN-CVE-2026-46169	28 May 202610:16	–	osv
OSV	ECHO-B4A5-7AE9-C01C	28 May 202623:19	–	osv
OSV	OPENSUSE-SU-2026:10954-1 kernel-devel-7.0.11-1.1 on GA media	4 Jun 202600:00	–	osv

NVD

Vulners

CNA

Node

linux linux_kernelRange2.6.12.1–6.6.140

linux linux_kernelRange6.7–6.12.88

linux linux_kernelRange6.13–6.18.30

linux linux_kernelRange6.19–7.0.7

linux linux_kernelMatch2.6.12-

linux linux_kernelMatch2.6.12rc2

linux linux_kernelMatch2.6.12rc3

linux linux_kernelMatch2.6.12rc4

linux linux_kernelMatch2.6.12rc5

[
  {
    "product": "Linux",
    "vendor": "Linux",
    "defaultStatus": "unaffected",
    "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
    "programFiles": [
      "fs/hfsplus/bfind.c",
      "fs/hfsplus/catalog.c",
      "fs/hfsplus/dir.c",
      "fs/hfsplus/hfsplus_fs.h",
      "fs/hfsplus/super.c"
    ],
    "versions": [
      {
        "version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
        "lessThan": "3003dbf62d151d47a6b90f71655292a51a05f244",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
        "lessThan": "8be69532e399eec9d9d990f6958b4ff2383b19b3",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
        "lessThan": "3bc337697c66db2e2a4a94f0509c282c1a014b86",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
        "lessThan": "61a790974ff7e533acbceca06c7d02f22bf96d4d",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
        "lessThan": "c91bbd6193c70a02c50c22e0fb1f60c3c5bd053a",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
        "lessThan": "a420904450962a562ad053a41a53a27755021b48",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
        "lessThan": "93e8d613f1a01b6637f387cc93f184cf7fb881d6",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
        "lessThan": "b6b592275aeff184aa82fcf6abccd833fb71b393",
        "status": "affected",
        "versionType": "git"
      }
    ]
  },
  {
    "product": "Linux",
    "vendor": "Linux",
    "defaultStatus": "affected",
    "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
    "programFiles": [
      "fs/hfsplus/bfind.c",
      "fs/hfsplus/catalog.c",
      "fs/hfsplus/dir.c",
      "fs/hfsplus/hfsplus_fs.h",
      "fs/hfsplus/super.c"
    ],
    "versions": [
      {
        "version": "2.6.12",
        "status": "affected"
      },
      {
        "version": "0",
        "lessThan": "2.6.12",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "5.10.259",
        "lessThanOrEqual": "5.10.*",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "5.15.210",
        "lessThanOrEqual": "5.15.*",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "6.1.176",
        "lessThanOrEqual": "6.1.*",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "6.6.140",
        "lessThanOrEqual": "6.6.*",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "6.12.88",
        "lessThanOrEqual": "6.12.*",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "6.18.30",
        "lessThanOrEqual": "6.18.*",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "7.0.7",
        "lessThanOrEqual": "7.0.*",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "7.1",
        "lessThanOrEqual": "*",
        "status": "unaffected",
        "versionType": "original_commit_for_fix"
      }
    ]
  }
]

Source	Link
git	www.git.kernel.org/stable/c/c91bbd6193c70a02c50c22e0fb1f60c3c5bd053a
git	www.git.kernel.org/stable/c/3003dbf62d151d47a6b90f71655292a51a05f244
git	www.git.kernel.org/stable/c/3bc337697c66db2e2a4a94f0509c282c1a014b86
git	www.git.kernel.org/stable/c/a420904450962a562ad053a41a53a27755021b48
git	www.git.kernel.org/stable/c/8be69532e399eec9d9d990f6958b4ff2383b19b3
git	www.git.kernel.org/stable/c/61a790974ff7e533acbceca06c7d02f22bf96d4d
git	www.git.kernel.org/stable/c/93e8d613f1a01b6637f387cc93f184cf7fb881d6
git	www.git.kernel.org/stable/c/b6b592275aeff184aa82fcf6abccd833fb71b393

19 Jun 2026 13:16Current

5.8Medium risk

Vulners AI Score5.8

CVSS 3.15.5

EPSS0.00136

CWE-908