CVE Catalog

CVE-2026-46068

HighCVSS 7.8
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.17%

6th percentile - higher than 6% of all known CVEs

Summary

A vulnerability has been identified in the Linux kernel related to bounce buffer leaks in the nx842_crypto_{alloc,free}_ctx functions. The issue is due to improper buffer release, which should use free_pages() instead of free_page().

Risk Assessment

Buffer leaks can lead to inefficient memory management, potentially affecting system stability and data security.

Recommendation

It is recommended to update the Linux kernel to the latest version to mitigate this vulnerability and ensure proper memory management.

Original NVD description (English source)

In the Linux kernel, the following vulnerability has been resolved: crypto: nx - fix bounce buffer leaks in nx842_crypto_{alloc,free}_ctx The bounce buffers are allocated with __get_free_pages() using BOUNCE_BUFFER_ORDER (order 2 = 4 pages), but both the allocation error path and nx842_crypto_free_ctx() release the buffers with free_page(). Use free_pages() with the matching order instead.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS