CVE-2026-46332

Buffer Overflow in Linux Kernel Greybus Subsystem

Publication date: 2026-06-09

Last updated on: 2026-06-14

Assigner: kernel.org

Description

In the Linux kernel, the following vulnerability has been resolved:

greybus: gb-beagleplay: bound bootloader receive buffering

cc1352_bootloader_rx() appends each serdev chunk into the fixed rx_buffer before parsing bootloader packets. The helper can keep leftover bytes between callbacks and may receive multiple packets in one callback, so a single count value is not constrained by one packet length.

Check that the incoming chunk fits in the remaining receive buffer space before memcpy(). If it does not, drop the staged data and consume the bytes instead of overflowing rx_buffer.

Meta Information

Published: 2026-06-09
Last Modified: 2026-06-14
Generated: 2026-06-30
AI Q&A: 2026-06-09
EPSS Evaluated: 2026-06-28

Affected Vendors & Products

Showing 1 associated CPE
Vendor: greybus
Product: gb-beagleplay
Version / Range: *

Exploitability

CWE ID: CWE-UNKNOWN

Executive Summary

This vulnerability exists in the Linux kernel's greybus component, specifically in the bootloader receive buffering of gb-beagleplay. The function cc1352_bootloader_rx() appends each incoming serdev (serial device) chunk into a fixed receive buffer, rx_buffer, before parsing bootloader packets. Because the helper can keep leftover bytes between callbacks and may receive multiple packets in one callback, a single count value is not limited to one packet length.

The vulnerability arises when the incoming chunk does not fit in the remaining space of the receive buffer. Without proper checks, this could lead to an overflow of the rx_buffer. The fix involves checking if the incoming chunk fits in the remaining buffer space before copying it with memcpy(). If it does not fit, the staged data is dropped and the bytes are consumed to prevent overflowing the buffer.
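
The bounded append described above, as an added user-space C model that is not the kernel driver's code. The buffer size, the fixed-length stand-in parser and the names rx_state, rx_chunk and parse_staged are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define RX_BUF_SIZE 8 /* constructed size, not the driver's */
#define PKT_LEN 3     /* hypothetical fixed packet length */

struct rx_state {
    uint8_t buf[RX_BUF_SIZE];
    size_t len;     /* bytes currently staged */
    size_t packets; /* complete packets parsed so far */
    size_t drops;   /* times the staged data was discarded */
};

/* Stand-in parser: consume whole packets, keep the leftover staged. */
static void parse_staged(struct rx_state *s)
{
    size_t used = (s->len / PKT_LEN) * PKT_LEN;
    s->packets += used / PKT_LEN;
    memmove(s->buf, s->buf + used, s->len - used);
    s->len -= used;
}

/* Bounded receive. The unbounded pattern is this function without the
 * first branch: memcpy() at buf + len for whatever count arrives.
 * Returns the number of bytes consumed from the caller's chunk. */
size_t rx_chunk(struct rx_state *s, const uint8_t *data, size_t count)
{
    if (count > sizeof(s->buf) - s->len) { /* len <= size, no underflow */
        s->len = 0; /* drop staged data */
        s->drops++;
        return count; /* consume the bytes without copying */
    }
    memcpy(s->buf + s->len, data, count);
    s->len += count;
    parse_staged(s);
    return count;
}

int main(void)
{
    struct rx_state s = {0};
    uint8_t chunk[20] = {0}; /* constructed input */

    rx_chunk(&s, chunk, 5);  /* one packet parsed, 2 bytes left over */
    rx_chunk(&s, chunk, 20); /* larger than the buffer: dropped */
    printf("packets=%zu staged=%zu drops=%zu\n", s.packets, s.len, s.drops);
    return 0;
}
```

The comparison is written as count against the remaining space (size minus staged length) rather than as len + count against size, so a very large count cannot wrap the addition.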

Impact Analysis

If exploited, this vulnerability could lead to a buffer overflow in the receive buffer of the bootloader communication process. Buffer overflows can cause unexpected behavior such as crashes, data corruption, or potentially allow an attacker to execute arbitrary code or escalate privileges within the system.

Mitigation Strategies

To mitigate this vulnerability, update the Linux kernel to a version that includes the fix "greybus: gb-beagleplay: bound bootloader receive buffering".

The fix involves ensuring that the incoming data chunk fits in the remaining receive buffer space before copying it, preventing buffer overflow.
