FKIE_CVE-2026-46249

Vulnerability from fkie_nvd - Published: 2026-06-03 18:16 - Updated: 2026-06-05 20:51
Severity
Summary
In the Linux kernel, the following vulnerability has been resolved: octeontx2-af: Fix PF driver crash with kexec kernel booting During a kexec reboot the hardware is not power-cycled, so AF state from the old kernel can persist into the new kernel. When AF and PF drivers are built as modules, the PF driver may probe before AF reinitializes the hardware. The PF driver treats the RVUM block revision as an indication that AF initialization is complete. If this value is left uncleared at shutdown, PF may incorrectly assume AF is ready and access stale hardware state, leading to a crash. Clear the RVUM block revision during AF shutdown to avoid PF mis-detecting AF readiness after kexec.
References
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/1370736836a18b5e0cd74bcc9cffe11d21f1fe79
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/2d2d574309e3ae84ee794869a5da8b4c38753a94
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/57821d1436ba1c6a6973aa32d54166fdec35558c
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/7d56ba306e93d04696718963fb4cda2883ee7585
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/8b5ed7c5417b7013d35b6f2507dab739013ba1a9
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/9769a09afda20a006b528b9e723effcae45965b2
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/9c3398e5b3a914b74276d44ab54c49123b89c61a
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/b7605b9301abc18fbbf2b0e23fdd281fc768955d
Impacted products
Vendor Product Version
To clipboard 

{
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nocteontx2-af: Fix PF driver crash with kexec kernel booting\n\nDuring a kexec reboot the hardware is not power-cycled, so AF state from\nthe old kernel can persist into the new kernel. When AF and PF drivers\nare built as modules, the PF driver may probe before AF reinitializes\nthe hardware.\n\nThe PF driver treats the RVUM block revision as an indication that AF\ninitialization is complete. If this value is left uncleared at shutdown,\nPF may incorrectly assume AF is ready and access stale hardware state,\nleading to a crash.\n\nClear the RVUM block revision during AF shutdown to avoid PF\nmis-detecting AF readiness after kexec."
    }
  ],
  "id": "CVE-2026-46249",
  "lastModified": "2026-06-05T20:51:20.400",
  "metrics": {},
  "published": "2026-06-03T18:16:25.237",
  "references": [
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/1370736836a18b5e0cd74bcc9cffe11d21f1fe79"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/2d2d574309e3ae84ee794869a5da8b4c38753a94"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/57821d1436ba1c6a6973aa32d54166fdec35558c"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/7d56ba306e93d04696718963fb4cda2883ee7585"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/8b5ed7c5417b7013d35b6f2507dab739013ba1a9"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/9769a09afda20a006b528b9e723effcae45965b2"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/9c3398e5b3a914b74276d44ab54c49123b89c61a"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/b7605b9301abc18fbbf2b0e23fdd281fc768955d"
    }
  ],
  "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
  "vulnStatus": "Awaiting Analysis"
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.





Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author Source Type Date Other

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.


Detection rules are retrieved from Rulezet.