Skip to main content

Linux Kernel EUVDEUVD-2026-32832

| CVE-2026-46205 HIGH
2026-05-28 416baaa9-dc9f-4396-8d5f-8c081fb06d67 GHSA-qv25-8qcj-cc95
7.8
CVSS 3.1 · Vendor: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
Share

Severity by source

Vendor (416baaa9-dc9f-4396-8d5f-8c081fb06d67) PRIMARY
7.8 HIGH
AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
SUSE
HIGH
qualitative

Primary rating from Vendor (416baaa9-dc9f-4396-8d5f-8c081fb06d67).

CVSS VectorVendor: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

5
Analysis Generated
May 30, 2026 - 12:06 vuln.today
CVSS changed
May 30, 2026 - 11:22 NVD
7.8 (HIGH)
Patch available
May 28, 2026 - 12:01 EUVD
CVE Published
May 28, 2026 - 10:16 nvd
UNKNOWN (no severity yet)
CVE Published
May 28, 2026 - 10:16 nvd
HIGH 7.8

DescriptionCVE.org

In the Linux kernel, the following vulnerability has been resolved:

staging: media: atomisp: Disallow all private IOCTLs

Disallow all private IOCTLs. These aren't quite as safe as one could assume of IOCTL handlers; disable them for now. Instead of removing the code, return in the beginning of the function if cmd is non-zero in order to keep static checkers happy.

AnalysisAI

Local privilege escalation risk in the Linux kernel's atomisp staging media driver allows authenticated low-privileged users to potentially abuse private IOCTLs that were not adequately validated. The upstream fix disables all private IOCTLs in the atomisp driver by returning early when the command is non-zero. EPSS is very low at 0.02% (5th percentile) and no public exploit identified at time of analysis, indicating limited real-world exploitation interest.

Technical ContextAI

The affected component is the atomisp (Atom Image Signal Processor) driver located under drivers/staging/media/atomisp in the Linux kernel - a staging-quality driver supporting Intel ISP hardware on certain Atom/Cherry Trail platforms. The flaw lies in the driver's private IOCTL handlers (vendor-specific ioctls beyond the standard V4L2 set), which were not sufficiently safe per the upstream commit message. No CWE was assigned, but the issue class is unsafe IOCTL handler exposure from a staging driver, mitigated by short-circuiting the handler when cmd is non-zero rather than removing the code outright.

RemediationAI

Vendor-released patch: upgrade to Linux kernel 6.6.140, 6.12.90, 6.18.32, 7.0.9, or 7.1-rc1 (or any later stable release on those branches), referencing the upstream commits at https://git.kernel.org/stable/c/2b7eb2c5dc72f0fc954ac4aa155f9e285e937f7c and the related hashes listed in the NVD references. As a compensating control until patching, blacklist the atomisp kernel module via /etc/modprobe.d/ (e.g., 'blacklist atomisp' with install lines forcing /bin/false) which fully neutralizes the attack surface at the cost of disabling Intel ISP camera functionality on affected hardware; alternatively restrict /dev/video* device node access via udev rules or DAC permissions so only trusted accounts can issue IOCTLs, accepting that legitimate camera-using applications will need their service accounts added to the allowed group. Distribution-shipped kernels rarely build the staging atomisp driver, so most servers and cloud workloads are unaffected without action.

Vendor StatusVendor

SUSE

Severity: High
Product Status
SUSE Linux Enterprise Desktop 15 SP7 Fixed
SUSE Linux Enterprise Desktop 15 SP7 Fixed
SUSE Linux Enterprise High Availability Extension 15 SP7 Fixed
SUSE Linux Enterprise High Availability Extension 15 SP7 Fixed
SUSE Linux Enterprise High Performance Computing 15 SP7 Fixed

Share

EUVD-2026-32832 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy