CVE-2026-46007
Analyzed Analyzed - Analysis Complete
hwmon: (powerz) DMA Buffer Cacheline Sharing Vulnerability

Publication date: 2026-05-27

Last updated on: 2026-06-16

Assigner: kernel.org

Description
In the Linux kernel, the following vulnerability has been resolved: hwmon: (powerz) Avoid cacheline sharing for DMA buffer Depending on the architecture the transfer buffer may share a cacheline with the following mutex. As the buffer may be used for DMA, that is problematic. Use the high-level DMA helpers to make sure that cacheline sharing can not happen. Also drop the comment, as the helpers are documentation enough. https://sashiko.dev/#/message/20260408175814.934BFC19421%40smtp.kernel.org
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-05-27
Last Modified
2026-06-16
Generated
2026-06-16
AI Q&A
2026-05-27
EPSS Evaluated
2026-06-15
NVD
CVE-2026-46007
EUVD
EUVD-2026-32304
Affected Vendors & Products
Showing 3 associated CPEs
Vendor Product Version / Range
linux linux_kernel From 6.13 (inc) to 6.18.30 (exc)
linux linux_kernel From 6.7 (inc) to 6.12.88 (exc)
linux linux_kernel From 6.19 (inc) to 7.0.4 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-UNKNOWN
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability exists in the Linux kernel's hardware monitoring (hwmon) subsystem, specifically related to the powerz driver. The issue arises because the transfer buffer used for Direct Memory Access (DMA) may share a CPU cacheline with a mutex that follows it in memory. Since the buffer is used for DMA operations, sharing a cacheline with the mutex can cause problematic behavior.

The fix involves using high-level DMA helper functions to ensure that the DMA buffer and the mutex do not share the same cacheline, preventing potential data corruption or synchronization issues.

Impact Analysis

If exploited or triggered, this vulnerability could lead to data corruption or synchronization problems within the kernel due to cacheline sharing between a DMA buffer and a mutex. This could cause instability or unpredictable behavior in systems using the affected Linux kernel component.

Mitigation Strategies

The vulnerability has been resolved by avoiding cacheline sharing for the DMA buffer in the Linux kernel's hwmon (powerz) subsystem.

To mitigate this vulnerability, you should update your Linux kernel to a version that includes this fix, which uses high-level DMA helpers to prevent cacheline sharing.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-46007. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart