CVE-2026-46297
Received Received - Intake

Linux Kernel IRQF_ONESHOT Misuse in net: libwx

Publication date: 2026-06-08

Last updated on: 2026-06-08

Assigner: kernel.org

Description
In the Linux kernel, the following vulnerability has been resolved: net: libwx: use request_irq for VF misc interrupt Currently, request_threaded_irq() is used with a primary handler but a NULL threaded handler, while also setting the IRQF_ONESHOT flag. This specific combination triggers a WARNING since the commit aef30c8d569c ("genirq: Warn about using IRQF_ONESHOT without a threaded handler"). WARNING: kernel/irq/manage.c:1502 at __setup_irq+0x4fa/0x760 Fix the issue by switching to request_irq(), which is the appropriate interface or a non-threaded interrupt handler, and removing the unnecessary IRQF_ONESHOT flag.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-06-08
Last Modified
2026-06-08
Generated
2026-06-29
AI Q&A
2026-06-08
EPSS Evaluated
2026-06-27
NVD
CVE-2026-46297
EUVD
EUVD-2026-35163

Affected Vendors & Products

Showing 1 associated CPE
Vendor Product Version / Range
linux linux_kernel *

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-UNKNOWN

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

This vulnerability exists in the Linux kernel's network library (libwx) where an incorrect use of interrupt request functions occurs. Specifically, the code uses request_threaded_irq() with a primary interrupt handler but a NULL threaded handler, while also setting the IRQF_ONESHOT flag. This combination triggers a kernel warning because IRQF_ONESHOT should only be used with a threaded interrupt handler. The issue is fixed by switching to request_irq(), which is the correct interface for a non-threaded interrupt handler, and by removing the unnecessary IRQF_ONESHOT flag.

Impact Analysis

This vulnerability can cause kernel warnings that may lead to instability or unexpected behavior in the Linux kernel's interrupt handling subsystem. While it may not directly cause a security breach, improper interrupt handling can affect system reliability and performance, potentially leading to system crashes or degraded network functionality.

Detection Guidance

This vulnerability triggers a WARNING in the Linux kernel logs related to the use of request_threaded_irq() with the IRQF_ONESHOT flag but without a threaded handler.

To detect this issue on your system, you can check the kernel logs for the specific warning message.

  • Use the command: dmesg | grep '__setup_irq+0x4fa' to search for the WARNING in kernel logs.
  • Alternatively, check system logs with: journalctl -k | grep 'IRQF_ONESHOT without a threaded handler' or similar keywords.
Mitigation Strategies

The vulnerability is fixed by changing the interrupt request method from request_threaded_irq() with a NULL threaded handler and IRQF_ONESHOT flag to using request_irq() without the IRQF_ONESHOT flag.

Immediate mitigation involves updating the Linux kernel to a version where this fix is applied.

If updating is not immediately possible, monitoring kernel logs for the warning and avoiding configurations or modules that trigger this condition can help reduce risk.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-46297. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart