CVE Catalog

CVE-2026-46091

MediumCVSS 5.5
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.12%

2th percentile - higher than 2% of all known CVEs

Summary

In the Linux kernel, the igorplugusb driver for infrared remote controls violates DMA coherency rules. The USB request structure may be subject to DMA on some host controllers, so it must be allocated separately to ensure memory coherency.

Risk Assessment

Failure to allocate separately may cause data corruption during DMA transfers, leading to system instability or potential security issues.

Recommendation

It is recommended to update the Linux kernel to a version containing the fix that allocates the USB request structure separately to comply with DMA coherency rules.

Original NVD description (English source)

In the Linux kernel, the following vulnerability has been resolved: media: rc: igorplugusb: heed coherency rules In a control request, the USB request structure can be subject to DMA on some HCs. Hence it must obey the rules for DMA coherency. Allocate it separately.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS