CVE Catalog

CVE-2026-46286

MediumCVSS 5.5
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.12%

2th percentile - higher than 2% of all known CVEs

Summary

In the qcom-lpg LED driver in the Linux kernel, array bounds checking was missing when selecting high resolution values. The FIELD_GET() macro extracted a 3-bit register value, but the array had only 5 entries, potentially causing out-of-bounds read.

Risk Assessment

An out-of-bounds array read could lead to unstable LED driver behavior, and in extreme cases, expose sensitive data or cause system crashes.

Recommendation

Immediately update the Linux kernel to a version containing the fix (commit 0b9c0c7e) or later, which adds proper array bounds checking.

Original NVD description (English source)

In the Linux kernel, the following vulnerability has been resolved: leds: qcom-lpg: Check for array overflow when selecting the high resolution When selecting the high resolution values from the array, FIELD_GET() is used to pull from a 3 bit register, yet the array being indexed has only 5 values in it. Odds are the hardware is sane, but just to be safe, properly check before just overflowing and reading random data and then setting up chip values based on that.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS