CVE-2026-46060
Gravedad CVSS v3.1:
MEDIA
Tipo:
No Disponible / Otro tipo
Fecha de publicación:
27/05/2026
Última modificación:
16/06/2026
Descripción
*** Pendiente de traducción *** In the Linux kernel, the following vulnerability has been resolved:<br />
<br />
crypto: qat - fix IRQ cleanup on 6xxx probe failure<br />
<br />
When adf_dev_up() partially completes and then fails, the IRQ<br />
handlers registered during adf_isr_resource_alloc() are not detached<br />
before the MSI-X vectors are released.<br />
<br />
Since the device is enabled with pcim_enable_device(), calling<br />
pci_alloc_irq_vectors() internally registers pcim_msi_release() as a<br />
devres action. On probe failure, devres runs pcim_msi_release() which<br />
calls pci_free_irq_vectors(), tearing down the MSI-X vectors while IRQ<br />
handlers (for example &#39;qat0-bundle0&#39;) are still attached. This causes<br />
remove_proc_entry() warnings:<br />
<br />
[ 22.163964] remove_proc_entry: removing non-empty directory &#39;irq/143&#39;, leaking at least &#39;qat0-bundle0&#39;<br />
<br />
Moving the devm_add_action_or_reset() before adf_dev_up() does not solve<br />
the problem since devres runs in LIFO order and pcim_msi_release(),<br />
registered later inside adf_dev_up(), would still fire before<br />
adf_device_down().<br />
<br />
Fix by calling adf_dev_down() explicitly when adf_dev_up() fails, to<br />
properly free IRQ handlers before devres releases the MSI-X vectors.
Impacto
Puntuación base 3.x
5.50
Gravedad 3.x
MEDIA
Productos y versiones vulnerables
| CPE | Desde | Hasta |
|---|---|---|
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 6.16 (incluyendo) | 6.18.27 (excluyendo) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 6.19 (incluyendo) | 7.0.4 (excluyendo) |
Para consultar la lista completa de nombres de CPE con productos y versiones, ver esta página



