CVE-2026-46287
Received Received - Intake
RTNL Assertion Warning in TXGBE Driver During Module Removal

Publication date: 2026-06-08

Last updated on: 2026-06-08

Assigner: kernel.org

Description
In the Linux kernel, the following vulnerability has been resolved: net: txgbe: fix RTNL assertion warning when remove module For the copper NIC with external PHY, the driver called phylink_connect_phy() during probe and phylink_disconnect_phy() during remove. It caused an RTNL assertion warning in phylink_disconnect_phy() upon module remove. To fix this, add rtnl_lock() and rtnl_unlock() around the phylink_disconnect_phy() in remove function. ------------[ cut here ]------------ RTNL: assertion failed at drivers/net/phy/phylink.c (2351) WARNING: drivers/net/phy/phylink.c:2351 at phylink_disconnect_phy+0xd8/0xf0 [phylink], CPU#0: rmmod/4464 Modules linked in: ... CPU: 0 UID: 0 PID: 4464 Comm: rmmod Kdump: loaded Not tainted 7.0.0-rc4+ Hardware name: Micro-Star International Co., Ltd. MS-7E16/X670E GAMING PLUS WIFI (MS-7E16), BIOS 1.90 12/31/2024 RIP: 0010:phylink_disconnect_phy+0xe4/0xf0 [phylink] Code: 5b 41 5c 41 5d 41 5e 41 5f 5d 31 c0 31 d2 31 f6 31 ff e9 3a 38 8f e7 48 8d 3d 48 87 e2 ff ba 2f 09 00 00 48 c7 c6 c1 22 24 c0 <67> 48 0f b9 3a e9 34 ff ff ff 66 90 90 90 90 90 90 90 90 90 90 90 RSP: 0018:ffffce7288363ac0 EFLAGS: 00010246 RAX: 0000000000000000 RBX: ffff89654b2a1a00 RCX: 0000000000000000 RDX: 000000000000092f RSI: ffffffffc02422c1 RDI: ffffffffc0239020 RBP: ffffce7288363ae8 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000000 R12: ffff8964c4022000 R13: ffff89654fce3028 R14: ffff89654ebb4000 R15: ffffffffc0226348 FS: 0000795e80d93780(0000) GS:ffff896c52857000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00005b528b592000 CR3: 0000000170d0f000 CR4: 0000000000f50ef0 PKRU: 55555554 Call Trace: <TASK> txgbe_remove_phy+0xbb/0xd0 [txgbe] txgbe_remove+0x4c/0xb0 [txgbe] pci_device_remove+0x41/0xb0 device_remove+0x43/0x80 device_release_driver_internal+0x206/0x270 driver_detach+0x4a/0xa0 bus_remove_driver+0x83/0x120 driver_unregister+0x2f/0x60 pci_unregister_driver+0x40/0x90 txgbe_driver_exit+0x10/0x850 [txgbe] __do_sys_delete_module.isra.0+0x1c3/0x2f0 __x64_sys_delete_module+0x12/0x20 x64_sys_call+0x20c3/0x2390 do_syscall_64+0x11c/0x1500 ? srso_alias_return_thunk+0x5/0xfbef5 ? do_syscall_64+0x15a/0x1500 ? srso_alias_return_thunk+0x5/0xfbef5 ? do_fault+0x312/0x580 ? srso_alias_return_thunk+0x5/0xfbef5 ? __handle_mm_fault+0x9d5/0x1040 ? srso_alias_return_thunk+0x5/0xfbef5 ? count_memcg_events+0x101/0x1d0 ? srso_alias_return_thunk+0x5/0xfbef5 ? handle_mm_fault+0x1e8/0x2f0 ? srso_alias_return_thunk+0x5/0xfbef5 ? do_user_addr_fault+0x2f8/0x820 ? srso_alias_return_thunk+0x5/0xfbef5 ? irqentry_exit+0xb2/0x600 ? srso_alias_return_thunk+0x5/0xfbef5 ? exc_page_fault+0x92/0x1c0 entry_SYSCALL_64_after_hwframe+0x76/0x7e
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-06-08
Last Modified
2026-06-08
Generated
2026-06-09
AI Q&A
2026-06-08
EPSS Evaluated
N/A
NVD
CVE-2026-46287
EUVD
EUVD-2026-35152
Affected Vendors & Products
Showing 3 associated CPEs
Vendor Product Version / Range
intel txgbe *
linux kernel *
linux linux_kernel 7.0.0-rc4+
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-UNKNOWN
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Impact Analysis

This vulnerability can cause an assertion failure warning in the Linux kernel when removing the affected network module. While it does not indicate a direct security breach such as data leakage or privilege escalation, it can lead to instability or unexpected behavior during module removal.

Such kernel warnings or assertion failures might cause system logs to fill with error messages and could potentially disrupt normal operations or complicate troubleshooting.

Executive Summary

This vulnerability is related to the Linux kernel's network driver for copper NICs with external PHY. The issue occurs because the driver calls phylink_connect_phy() during probe and phylink_disconnect_phy() during module removal without proper locking. This causes an RTNL (Runtime Network Lock) assertion warning when the module is removed.

The root cause is that phylink_disconnect_phy() is called without holding the RTNL lock, leading to an assertion failure. The fix involves adding rtnl_lock() and rtnl_unlock() calls around phylink_disconnect_phy() in the remove function to ensure proper synchronization.

Compliance Impact

The provided information about CVE-2026-46287 does not include any details regarding its impact on compliance with common standards and regulations such as GDPR or HIPAA.

Detection Guidance

This vulnerability manifests as an RTNL assertion warning in the Linux kernel logs when the txgbe module is removed. You can detect it by checking the kernel log messages for warnings related to phylink_disconnect_phy and RTNL assertion failures.

  • Use the command 'dmesg | grep -i RTNL' to search for RTNL assertion warnings in the kernel log.
  • Use 'dmesg | grep -i phylink_disconnect_phy' to find specific warnings related to the phylink_disconnect_phy function.
  • Monitor system logs (e.g., /var/log/kern.log or /var/log/messages) for similar RTNL assertion warnings when removing network modules.
Mitigation Strategies

To mitigate this vulnerability, update the Linux kernel to a version where the fix has been applied. The fix involves adding rtnl_lock() and rtnl_unlock() calls around the phylink_disconnect_phy() function in the txgbe driver remove function to prevent RTNL assertion warnings.

Until the kernel is updated, avoid removing the txgbe module on systems using copper NICs with external PHYs, as this triggers the assertion warning.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-46287. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart