CVE-2026-46284
Kernel Command Line Parameter Handling Flaw in Linux HugeTLB

Publication date: 2026-06-08

Last updated on: 2026-06-08

Assigner: kernel.org

Description
In the Linux kernel, the following vulnerability has been resolved:

mm/hugetlb: fix early boot crash on parameters without '=' separator

If hugepages, hugepagesz, or default_hugepagesz are specified on the kernel command line without the '=' separator, early parameter parsing passes NULL to hugetlb_add_param(), which dereferences it in strlen() and can crash the system during early boot.

Reject NULL values in hugetlb_add_param() and return -EINVAL instead.

Affected Vendors & Products
Vendor | Product | Version / Range
linux | linux_kernel | *

CWE ID: CWE-UNKNOWN

Executive Summary

This vulnerability occurs in the Linux kernel's hugepage parameter parsing during early boot. When parameters like hugepages, hugepagesz, or default_hugepagesz are specified on the kernel command line without an '=' separator, the parsing function passes a NULL value to hugetlb_add_param(). This NULL value is then dereferenced in a strlen() call, causing the system to crash during early boot.

The fix involves rejecting NULL values in hugetlb_add_param() and returning an error code (-EINVAL) instead of allowing the crash.

Impact Analysis

This vulnerability can cause the system to crash during early boot if certain hugepage parameters are incorrectly specified without an '=' separator. This means that the system may fail to start properly, leading to potential downtime and disruption of services.

Mitigation Strategies

To mitigate this vulnerability, ensure that the kernel command line parameters hugepages, hugepagesz, and default_hugepagesz are always specified with the '=' separator. Specifying any of them without the '=' sign leads to the NULL pointer dereference and the early boot crash.

If possible, update your Linux kernel to a version that contains the fix, which rejects NULL values in hugetlb_add_param() and returns -EINVAL instead.
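
One way to check a kernel command line for the malformed tokens described above before rebooting. This is an added example, not code from the advisory or the kernel project; the function name and sample command lines are constructed for illustration, and the handling of `--` and of the dashed spelling reflects general kernel command-line parsing rather than anything stated on this page.

```shell
#!/bin/sh
# Added example: flag hugepages, hugepagesz or default_hugepagesz tokens that
# appear on a kernel command line without the '=' separator.

# find_bare_hugetlb_params CMDLINE   (hypothetical helper name)
# Prints each offending token on its own line; exit status is 1 if any were
# found, 0 otherwise. The body runs in a subshell so 'set -f' and the loop
# variables do not leak into the caller.
find_bare_hugetlb_params() (
    found=0
    set -f                      # split on whitespace only, never glob-expand
    for tok in $1; do
        # Everything after a bare "--" is passed to init, not the kernel.
        [ "$tok" = "--" ] && break
        case "$tok" in
            *=*) continue ;;    # separator present, so a value string exists
        esac
        case "$tok" in
            # The kernel treats '-' and '_' in parameter names as equivalent,
            # so the dashed spelling is flagged as well (conservative).
            hugepages|hugepagesz|default_hugepagesz|default-hugepagesz)
                printf '%s\n' "$tok"
                found=1
                ;;
        esac
    done
    [ "$found" -eq 0 ]
)

# Constructed sample command lines (not taken from a real system).
SAMPLE_BAD='BOOT_IMAGE=/vmlinuz root=/dev/sda1 ro hugepagesz=2M hugepages quiet'
SAMPLE_OK='BOOT_IMAGE=/vmlinuz root=/dev/sda1 ro hugepagesz=2M hugepages=512 quiet'

# Demonstration on the constructed samples.
find_bare_hugetlb_params "$SAMPLE_BAD" \
    || echo "tokens listed above are missing '=' and must be corrected"
find_bare_hugetlb_params "$SAMPLE_OK" && echo "second sample is well-formed"

# To check the running system or a staged bootloader entry, pass its text:
#   find_bare_hugetlb_params "$(cat /proc/cmdline)"
```

Running the same check against the command line staged in the bootloader configuration, rather than only `/proc/cmdline`, catches a bad edit before the next reboot.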
