CVE-2026-46166— Linux kernel 安全漏洞
Possible ATT&CK Techniques 1AI
T1190 · Exploit Public-Facing ApplicationAffected Version Matrix 10
| ベンダー | プロダクト | Version Range | ステータス |
|---|---|---|---|
| Linux | Linux | bca8bc0399ac2efd56e6adbed0307e10125a556c< 887ece6c23b49d02a6678e7a8d5ad213d75883ce | affected |
bca8bc0399ac2efd56e6adbed0307e10125a556c< 7577a4b8a10fab45a6ee2045ea038a5adadbb585 | affected | ||
bca8bc0399ac2efd56e6adbed0307e10125a556c< 120149fb3ebcf674832ca3cafd32bedcdb686dde | affected | ||
bca8bc0399ac2efd56e6adbed0307e10125a556c< ac8eb3e18f41e2cc8492cc1d358bcb786c850270 | affected | ||
6.12 | affected | ||
< 6.12 | unaffected | ||
6.12.88≤ 6.12.* | unaffected | ||
6.18.30≤ 6.18.* | unaffected | ||
| … +2 more rows | |||
新しい脆弱性情報の通知を購読するログインして購読
I. CVE-2026-46166の基本情報
脆弱性情報
脆弱性についてご質問がありますか?Shenlongの分析が参考になるかご確認ください!
Shenlongの10の質問を表示 ↗ 高度な大規模言語モデル技術を使用していますが、出力には不正確または古い情報が含まれる可能性があります。Shenlongはデータの正確性を確保するよう努めていますが、実際の状況に基づいて検証・判断してください。
脆弱性タイトル
wifi: mac80211: use safe list iteration in radar detect work
ソース: NVD (National Vulnerability Database)
脆弱性説明
In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: use safe list iteration in radar detect work The call to ieee80211_dfs_cac_cancel can cause the iterated chanctx to be freed and removed from the list. Guard against this to avoid a slab-use-after-free error.
ソース: NVD (National Vulnerability Database)
CVSS情報
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
ソース: NVD (National Vulnerability Database)
脆弱性タイプ
N/A
ソース: NVD (National Vulnerability Database)
脆弱性タイトル
Linux kernel 安全漏洞
ソース: CNNVD (China National Vulnerability Database)
脆弱性説明
Linux kernel是美国Linux基金会的开源操作系统Linux所使用的内核。 Linux kernel存在安全漏洞,该漏洞源于mac80211雷达检测工作中未使用安全列表迭代,可能导致释放后重用错误。
ソース: CNNVD (China National Vulnerability Database)
CVSS情報
N/A
ソース: CNNVD (China National Vulnerability Database)
脆弱性タイプ
N/A
ソース: CNNVD (China National Vulnerability Database)
影響を受ける製品
II. CVE-2026-46166の公開POC
| # | POC説明 | ソースリンク | Shenlongリンク |
|---|
AI生成POCプレミアム
公開POCは見つかりませんでした。
ログインしてAI POCを生成III. CVE-2026-46166のインテリジェンス情報
请登录查看更多情报信息。
CVE-2026-46166 补丁与修复 (4)
Same Patch Batch · Linux · 2026-05-28 · 136 CVEs total
| CVE-2026-46135 | 9.8 CRITICAL | nvmet-tcp: fix race between ICReq handling and queue teardown |
| CVE-2026-46195 | 9.8 CRITICAL | smb: client: validate dacloffset before building DACL pointers |
| CVE-2026-46137 | 9.8 CRITICAL | mptcp: pm: ADD_ADDR rtx: fix potential data-race |
| CVE-2026-46115 | 9.8 CRITICAL | block: add pgmap check to biovec_phys_mergeable |
| CVE-2026-46155 | 9.1 CRITICAL | smb/client: fix out-of-bounds read in smb2_compound_op() |
| CVE-2026-46185 | 9.1 CRITICAL | smb/client: fix out-of-bounds read in symlink_data() |
| CVE-2026-46119 | 9.1 CRITICAL | libceph: Fix slab-out-of-bounds access in auth message processing |
| CVE-2026-46238 | 8.8 HIGH | batman-adv: stop caching unowned originator pointers in BAT IV |
| CVE-2026-46174 | 8.8 HIGH | x86/CPU/AMD: Prevent improper isolation of shared resources in Zen2's op cache |
| CVE-2026-46125 | 8.8 HIGH | wifi: mac80211: remove station if connection prep fails |
| CVE-2026-46198 | 8.8 HIGH | batman-adv: fix integer overflow on buff_pos |
| CVE-2026-46212 | 8.8 HIGH | batman-adv: bla: prevent use-after-free when deleting claims |
| CVE-2026-46152 | 8.8 HIGH | wifi: mac80211: drop stray 'static' from fast-RX rx_result |
| CVE-2026-46113 | 8.8 HIGH | KVM: x86: Fix shadow paging use-after-free due to unexpected GFN |
| CVE-2026-46232 | 8.1 HIGH | HID: playstation: Clamp num_touch_reports |
| CVE-2026-46138 | 8.1 HIGH | Bluetooth: hci_event: Fix OOB read and infinite loop in hci_le_create_big_complete_evt |
| CVE-2026-46215 | 7.8 HIGH | drm: Set old handle to NULL before prime swap in change_handle |
| CVE-2026-46201 | 7.8 HIGH | drm/xe: Fix dma-buf attachment leak in xe_gem_prime_import() |
| CVE-2026-46157 | 7.8 HIGH | ALSA: pcm: oss: Fix data race at accessing runtime.oss.trigger |
| CVE-2026-46227 | 7.8 HIGH | sctp: revalidate list cursor after sctp_sendmsg_to_asoc() in SCTP_SENDALL |
Showing 20 of 136 CVEs. View all on vendor page →
IV. 関連脆弱性
同じ製品: Linux
- CVE-2026-52907
media: rockchip: rkcif: fix off by one bugs - CVE-2026-52906
9p: fix access mode flags being ORed instead of replaced - CVE-2026-52905
mm/damon/core: disallow non-power of two min_region_sz on da - CVE-2026-52904
drm/nouveau: fix nvkm_device leak on aperture removal failur - CVE-2026-46332
greybus: gb-beagleplay: bound bootloader receive buffering
同じベンダー: Linux
- CVE-2026-52907
media: rockchip: rkcif: fix off by one bugs - CVE-2026-52906
9p: fix access mode flags being ORed instead of replaced - CVE-2026-52905
mm/damon/core: disallow non-power of two min_region_sz on da - CVE-2026-52904
drm/nouveau: fix nvkm_device leak on aperture removal failur - CVE-2026-46332
greybus: gb-beagleplay: bound bootloader receive buffering
V. CVE-2026-46166へのコメント
まだコメントはありません