CVE-2026-46091
MediumCVSS 5.5Exploitation Probability (EPSS)
Low risk2th percentile - higher than 2% of all known CVEs
Summary
In the Linux kernel, the igorplugusb driver for infrared remote controls violates DMA coherency rules. The USB request structure may be subject to DMA on some host controllers, so it must be allocated separately to ensure memory coherency.
Risk Assessment
Failure to allocate separately may cause data corruption during DMA transfers, leading to system instability or potential security issues.
Recommendation
It is recommended to update the Linux kernel to a version containing the fix that allocates the USB request structure separately to comply with DMA coherency rules.
Original NVD description (English source)
In the Linux kernel, the following vulnerability has been resolved: media: rc: igorplugusb: heed coherency rules In a control request, the USB request structure can be subject to DMA on some HCs. Hence it must obey the rules for DMA coherency. Allocate it separately.

