CVE-2026-46034 vfio/cdx: Fix NULL pointer dereference in interrupt trigger path

🗓️ 27 May 2026 12:56:43Reported by LinuxType

Fix NULL pointer dereference in vfio cdx interrupt trigger path by validating MSI before accessing cdx interrupts.

Reporter	Title	Published	Views	Family All 12
CNNVD	Linux kernel 安全漏洞	27 May 202600:00	–	cnnvd
CVE	CVE-2026-46034	27 May 202612:56	–	cve
Debian CVE	CVE-2026-46034	27 May 202612:56	–	debiancve
EUVD	EUVD-2026-32415	27 May 202612:56	–	euvd
NVD	CVE-2026-46034	27 May 202614:17	–	nvd
OSV	BELL-CVE-2026-46034	29 May 202606:10	–	osv
OSV	DEBIAN-CVE-2026-46034	27 May 202614:17	–	osv
OSV	UBUNTU-CVE-2026-46034	27 May 202614:17	–	osv
Positive Technologies	PT-2026-43901	27 May 202600:00	–	ptsecurity
RedhatCVE	CVE-2026-46034	27 May 202620:12	–	redhatcve

[
  {
    "product": "Linux",
    "vendor": "Linux",
    "defaultStatus": "unaffected",
    "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
    "programFiles": [
      "drivers/vfio/cdx/intr.c"
    ],
    "versions": [
      {
        "version": "848e447e000c41894ff931dc7c004fd42c8840f8",
        "lessThan": "51bf7638f33aece41cb3f4cbeb942cc52950e329",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "848e447e000c41894ff931dc7c004fd42c8840f8",
        "lessThan": "5d6c349c9823eb819fed8b537b088cf38126018c",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "848e447e000c41894ff931dc7c004fd42c8840f8",
        "lessThan": "338a736aaf15e8ba3635ce20b29af5b8fc15e66a",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "848e447e000c41894ff931dc7c004fd42c8840f8",
        "lessThan": "5ea5880764cbb164afb17a62e76ca75dc371409d",
        "status": "affected",
        "versionType": "git"
      }
    ]
  },
  {
    "product": "Linux",
    "vendor": "Linux",
    "defaultStatus": "affected",
    "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
    "programFiles": [
      "drivers/vfio/cdx/intr.c"
    ],
    "versions": [
      {
        "version": "6.10",
        "status": "affected"
      },
      {
        "version": "0",
        "lessThan": "6.10",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "6.12.86",
        "lessThanOrEqual": "6.12.*",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "6.18.27",
        "lessThanOrEqual": "6.18.*",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "7.0.4",
        "lessThanOrEqual": "7.0.*",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "7.1-rc1",
        "lessThanOrEqual": "*",
        "status": "unaffected",
        "versionType": "original_commit_for_fix"
      }
    ]
  }
]

Source	Link
git	www.git.kernel.org/stable/c/5ea5880764cbb164afb17a62e76ca75dc371409d
git	www.git.kernel.org/stable/c/338a736aaf15e8ba3635ce20b29af5b8fc15e66a
git	www.git.kernel.org/stable/c/51bf7638f33aece41cb3f4cbeb942cc52950e329
git	www.git.kernel.org/stable/c/5d6c349c9823eb819fed8b537b088cf38126018c

27 May 2026 12:56Current

EPSS0.00023