CVE-2026-46190 mtd: spi-nor: debugfs: fix out-of-bounds read in spi_nor_params_show()

🗓️ 28 May 2026 09:36:44Reported by LinuxType

Fixed out of bounds read in spi_nor_params_show by using array size for snor_f_names in debugfs.

Reporter	Title	Published	Views	Family All 47
ATTACKERKB	CVE-2026-46190	28 May 202609:36	–	attackerkb
Tenable Nessus	Amazon Linux 2023 : bpftool6.12, kernel6.12, kernel6.12-devel (ALAS2023-2026-1753)	27 May 202600:00	–	nessus
Tenable Nessus	Amazon Linux 2023 : bpftool6.18, kernel6.18, kernel6.18-devel (ALAS2023-2026-1754)	27 May 202600:00	–	nessus
Tenable Nessus	Linux Distros Unpatched Vulnerability : CVE-2026-46190	29 May 202600:00	–	nessus
CBLMariner	CVE-2026-46190 affecting package kernel for versions less than 6.6.141.1-1	22 Jun 202621:21	–	cbl_mariner
CNNVD	Linux kernel 安全漏洞	28 May 202600:00	–	cnnvd
CVE	CVE-2026-46190	28 May 202609:36	–	cve
Debian CVE	CVE-2026-46190	28 May 202609:36	–	debiancve
EUVD	EUVD-2026-32817	28 May 202609:36	–	euvd
Microsoft CVE	mtd: spi-nor: debugfs: fix out-of-bounds read in spi_nor_params_show()	29 May 202608:06	–	mscve

[
  {
    "product": "Linux",
    "vendor": "Linux",
    "defaultStatus": "unaffected",
    "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
    "programFiles": [
      "drivers/mtd/spi-nor/debugfs.c"
    ],
    "versions": [
      {
        "version": "0257be79fc4a16a3252ce80aa13b3640f728c425",
        "lessThan": "231b8e1f604f6e0a7e100536f506cdf482e2c5f5",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "0257be79fc4a16a3252ce80aa13b3640f728c425",
        "lessThan": "9a80c458320e0514e11945402dd6e48fcee05524",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "0257be79fc4a16a3252ce80aa13b3640f728c425",
        "lessThan": "ca18c180b053f6ce80394322b314ac721c316af7",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "0257be79fc4a16a3252ce80aa13b3640f728c425",
        "lessThan": "34bdcfb496b29f9a52431194f94473b37fb8c162",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "0257be79fc4a16a3252ce80aa13b3640f728c425",
        "lessThan": "c0b654bc0b76a1da102d9138be1ed1223bd99310",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "0257be79fc4a16a3252ce80aa13b3640f728c425",
        "lessThan": "e47029b977e747cb3a9174308fd55762cce70147",
        "status": "affected",
        "versionType": "git"
      }
    ]
  },
  {
    "product": "Linux",
    "vendor": "Linux",
    "defaultStatus": "affected",
    "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
    "programFiles": [
      "drivers/mtd/spi-nor/debugfs.c"
    ],
    "versions": [
      {
        "version": "5.19",
        "status": "affected"
      },
      {
        "version": "0",
        "lessThan": "5.19",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "6.1.176",
        "lessThanOrEqual": "6.1.*",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "6.6.140",
        "lessThanOrEqual": "6.6.*",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "6.12.88",
        "lessThanOrEqual": "6.12.*",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "6.18.30",
        "lessThanOrEqual": "6.18.*",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "7.0.7",
        "lessThanOrEqual": "7.0.*",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "7.1",
        "lessThanOrEqual": "*",
        "status": "unaffected",
        "versionType": "original_commit_for_fix"
      }
    ]
  }
]

Source	Link
git	www.git.kernel.org/stable/c/e47029b977e747cb3a9174308fd55762cce70147
git	www.git.kernel.org/stable/c/c0b654bc0b76a1da102d9138be1ed1223bd99310
git	www.git.kernel.org/stable/c/9a80c458320e0514e11945402dd6e48fcee05524
git	www.git.kernel.org/stable/c/231b8e1f604f6e0a7e100536f506cdf482e2c5f5
git	www.git.kernel.org/stable/c/34bdcfb496b29f9a52431194f94473b37fb8c162
git	www.git.kernel.org/stable/c/ca18c180b053f6ce80394322b314ac721c316af7

19 Jun 2026 11:59Current

CVSS 3.17.1

EPSS0.00131