Is there a patch available for CVE-2026-46047?

Yes, a patch is available for CVE-2026-46047. Update the affected software to the latest version immediately.

Linux CVE-2026-46047

EUVD-2026-32429

2026-05-27 416baaa9-dc9f-4396-8d5f-8c081fb06d67

GHSA-g5x6-jrf2-h8qv

Information Disclosure Linux

Lifecycle Timeline

Patch available

May 27, 2026 - 19:46 EUVD

CVE Published

May 27, 2026 - 14:17 nvd

UNKNOWN (no severity yet)

DescriptionNVD

In the Linux kernel, the following vulnerability has been resolved:

net: qrtr: ns: Fix use-after-free in driver remove()

In the remove callback, if a packet arrives after destroy_workqueue() is called, but before sock_release(), the qrtr_ns_data_ready() callback will try to queue the work, causing use-after-free issue.

Fix this issue by saving the default 'sk_data_ready' callback during qrtr_ns_init() and use it to replace the qrtr_ns_data_ready() callback at the start of remove(). This ensures that even if a packet arrives after destroy_workqueue(), the work struct will not be dereferenced.

Note that it is also required to ensure that the RX threads are completed before destroying the workqueue, because the threads could be using the qrtr_ns_data_ready() callback.

Analysis

In the Linux kernel, the following vulnerability has been resolved: net: qrtr: ns: Fix use-after-free in driver remove() In the remove callback, if a packet arrives after destroy_workqueue() is called, but before sock_release(), the qrtr_ns_data_ready() callback will try to queue the work, causing use-after-free issue. Fix this issue by saving the default 'sk_data_ready' callback during qrtr_ns_init() and use it to replace the qrtr_ns_data_ready() callback at the start of remove(). …

Analysis

Detailed AI-generated intelligence summary covering attack vector, impact assessment, affected versions, remediation steps, and indicators of compromise.

POChttps://••••••••••.com/exploit

PATCHhttps://••••••••••.com/patch

ADVISORYhttps://••••••••••.com/advisory

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

More from same product – last 7 days

CVE-2026-47334 MEDIUM This Month

5.5 May 28

Kernel availability loss in Ubuntu Linux 6.8, 6.17, and 7.0 can be triggered by any unprivileged local user via a defect

CVE-2026-47335 MEDIUM This Month

5.5 May 28

Kernel panic via NULL pointer dereference in Ubuntu Linux 6.8's AppArmor notification handler allows a locally authentic

CVE-2026-47327 LOW Monitor

3.3 May 28

NULL pointer dereference in Ubuntu Linux kernel versions 6.8, 6.17, and 7.0 allows a local unprivileged user to crash th

CVE-2026-47337 LOW Monitor

3.3 May 28

NULL pointer dereference in Ubuntu Linux kernel SAUCE patches (versions 6.8, 6.17, and 7.0) allows an unprivileged local

CVE-2026-45844 Monitor

May 27

In the Linux kernel, the following vulnerability has been resolved: netfilter: arp_tables: fix IEEE1394 ARP payload par

CVE-2026-46047 vulnerability details – vuln.today

Back

Linux CVE-2026-46047

Lifecycle Timeline

DescriptionNVD

Analysis

Full analysis requires sign-in

More from same product – last 7 days

Share

External POC / Exploit Code