Skip to main content

Linux Kernel CVE-2026-46297

| EUVDEUVD-2026-35163 MEDIUM
2026-06-08 Linux GHSA-vgg8-63wp-8qqp
5.5
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
5.5 MEDIUM
AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
vuln.today AI
5.5 MEDIUM

Local access with low privileges required to trigger VF interrupt path; no confidentiality or integrity impact; availability impact is high due to potential VF NIC failure.

3.1 AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
4.0 AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

Primary rating from NVD.

CVSS VectorNVD

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High

Lifecycle Timeline

5
Analysis Generated
Jul 08, 2026 - 19:18 vuln.today
CVSS changed
Jul 08, 2026 - 19:07 NVD
5.5 (MEDIUM)
Patch available
Jun 08, 2026 - 18:01 EUVD
CVE Published
Jun 08, 2026 - 15:46 nvd
MEDIUM 5.5
CVE Published
Jun 08, 2026 - 15:46 nvd
UNKNOWN (no severity yet)

DescriptionNVD

In the Linux kernel, the following vulnerability has been resolved:

net: libwx: use request_irq for VF misc interrupt

Currently, request_threaded_irq() is used with a primary handler but a NULL threaded handler, while also setting the IRQF_ONESHOT flag. This specific combination triggers a WARNING since the commit aef30c8d569c ("genirq: Warn about using IRQF_ONESHOT without a threaded handler").

WARNING: kernel/irq/manage.c:1502 at __setup_irq+0x4fa/0x760

Fix the issue by switching to request_irq(), which is the appropriate interface or a non-threaded interrupt handler, and removing the unnecessary IRQF_ONESHOT flag.

AnalysisAI

Improper interrupt registration in the Linux kernel's libwx network driver causes a kernel WARNING when VF (Virtual Function) misc interrupts are initialized, resulting in high availability impact on affected systems. The libwx driver incorrectly calls request_threaded_irq() with a primary handler, a NULL threaded handler, and the IRQF_ONESHOT flag - an invalid combination flagged as a WARNING by the kernel interrupt management subsystem since commit aef30c8d569c. Exploitation requires local access with low privileges on a system equipped with a Wangxun VF NIC using the libwx driver; no public exploit code exists and EPSS is negligible at 0.02%.

Technical ContextAI

The libwx module is the Linux kernel driver for Wangxun (WX-series) network adapters. The bug resides in how VF (SR-IOV Virtual Function) misc interrupt handlers are registered. The kernel interrupt management API mandates that IRQF_ONESHOT - which defers re-enabling the interrupt line until the threaded handler completes - must only be paired with a non-NULL threaded handler. Using request_threaded_irq() with a real primary handler, a NULL thread_fn, and IRQF_ONESHOT was made explicitly illegal by commit aef30c8d569c ('genirq: Warn about using IRQF_ONESHOT without a threaded handler'), which emits a WARN_ON at kernel/irq/manage.c:1502. The correct fix is request_irq(), the standard synchronous interrupt registration call, with IRQF_ONESHOT removed. No CWE is assigned in the input data; the root cause is best classified as improper use of a kernel API (analogous to CWE-628: Function Call with Incorrectly Specified Arguments).

RemediationAI

Update the Linux kernel to a version containing the libwx VF interrupt fix: 6.18.30, 7.0.7, or 7.1-rc3 (or later). The upstream fix commits are confirmed at https://git.kernel.org/stable/c/1bca036fe3607182c21f05e2b262167edbef086c, https://git.kernel.org/stable/c/a841574c6e573132681aa57f9b43a0a897a423f6, and https://git.kernel.org/stable/c/7a33345153eeeda195c55f15be27074e4c3b5109. As a compensating control, operators who cannot immediately patch may disable SR-IOV VF instantiation on Wangxun NICs to prevent the libwx VF misc interrupt code path from executing; this eliminates the trigger but also disables VF NIC functionality. No confidentiality or integrity risk warrants emergency patching - normal patching cycles are appropriate unless SR-IOV NIC availability is operationally critical.

Share

CVE-2026-46297 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy