CVE-2026-46332
Received - Intake
Buffer Overflow in Linux Kernel Greybus Subsystem

Publication date: 2026-06-09

Last updated on: 2026-06-09

Assigner: kernel.org

Description
In the Linux kernel, the following vulnerability has been resolved:

greybus: gb-beagleplay: bound bootloader receive buffering

cc1352_bootloader_rx() appends each serdev chunk into the fixed rx_buffer before parsing bootloader packets. The helper can keep leftover bytes between callbacks and may receive multiple packets in one callback, so a single count value is not constrained by one packet length.

Check that the incoming chunk fits in the remaining receive buffer space before memcpy(). If it does not, drop the staged data and consume the bytes instead of overflowing rx_buffer.
Affected Vendors & Products
Showing 1 associated CPE
Vendor: greybus
Product: gb-beagleplay
Version / Range: *
CWE ID: CWE-UNKNOWN
Executive Summary

This vulnerability exists in the Linux kernel component greybus, specifically in the gb-beagleplay bootloader receive buffering functionality. The function cc1352_bootloader_rx() appends incoming serial device chunks into a fixed receive buffer before parsing bootloader packets. Because the helper function can keep leftover bytes between callbacks and may receive multiple packets in one callback, a single count value is not limited to one packet length.

The vulnerability arises when the incoming chunk does not fit in the remaining space of the receive buffer. Without proper checks, this could lead to an overflow of the rx_buffer. The fix involves checking if the incoming chunk fits in the remaining buffer space before copying it with memcpy(). If it does not fit, the staged data is dropped and the bytes are consumed to prevent overflowing the buffer.
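The check described above, as an added userspace model that is not the kernel patch or the driver's own code. The buffer size, the fixed packet length, `struct bl_rx` and `bl_rx_chunk()` are assumptions made for illustration; only the `rx_buffer` name comes from the description.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define RX_BUF_SIZE 8   /* constructed size; the real buffer size is not on the page */
#define PKT_LEN     3   /* constructed fixed packet length for this model */

struct bl_rx {                      /* hypothetical stand-in for the driver state */
    uint8_t rx_buffer[RX_BUF_SIZE];
    size_t  rx_buffer_len;          /* bytes staged, including leftovers */
    size_t  packets;                /* complete packets parsed so far */
    size_t  dropped;                /* times the staged data was dropped */
};

/* Model of the receive callback: returns how many bytes of the chunk were consumed. */
size_t bl_rx_chunk(struct bl_rx *s, const uint8_t *data, size_t count)
{
    /*
     * The bound: compare the chunk against the space left after the
     * leftovers, not against the whole buffer. rx_buffer_len never exceeds
     * RX_BUF_SIZE, so the subtraction cannot wrap. Without this test the
     * memcpy() below writes past rx_buffer whenever leftovers + count
     * exceed RX_BUF_SIZE.
     */
    if (count > sizeof(s->rx_buffer) - s->rx_buffer_len) {
        s->rx_buffer_len = 0;       /* drop the staged data */
        s->dropped++;
        return count;               /* consume the bytes, copy nothing */
    }
    memcpy(s->rx_buffer + s->rx_buffer_len, data, count);
    s->rx_buffer_len += count;

    /* One chunk may carry several packets: parse every complete one. */
    size_t off = 0;
    while (s->rx_buffer_len - off >= PKT_LEN) {
        s->packets++;
        off += PKT_LEN;
    }
    /* Keep the partial packet at the front for the next callback. */
    memmove(s->rx_buffer, s->rx_buffer + off, s->rx_buffer_len - off);
    s->rx_buffer_len -= off;
    return count;
}
```

Returning `count` on the drop path tells the caller the bytes were consumed, so the same oversized chunk is not presented again.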

Impact Analysis

If exploited, this vulnerability could lead to a buffer overflow in the receive buffer of the bootloader communication process. Buffer overflows can cause unexpected behavior such as crashes or data corruption, and can potentially allow an attacker to execute arbitrary code or escalate privileges within the system.
