CVE-2026-46182

Source
https://cve.org/CVERecord?id=CVE-2026-46182
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-46182.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2026-46182
Downstream
Related
Published
2026-05-28T09:36:35.528Z
Modified
2026-07-08T08:13:37.635033002Z
Summary
pseries/papr-hvpipe: Prevent kernel stack memory leak to userspace
Details

In the Linux kernel, the following vulnerability has been resolved:

pseries/papr-hvpipe: Prevent kernel stack memory leak to userspace

The hdr variable is allocated on the stack and only hdr.version and hdr.flags are initialized explicitly. Because the struct paprhvpipehdr contains reserved padding bytes (reserved[3] and reserved2[40]), these could leak the uninitialized bytes to userspace after copytouser().

This patch fixes that by initializing the whole struct to 0.

Database specific
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/46xxx/CVE-2026-46182.json",
    "cna_assigner": "Linux"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
cebdb522fd3edd1fe05f7b4a74a27da7dd0f8d86
Fixed
0479b6e9f999cc1cbad7d9f09f574fc387e605d5
Fixed
f88f8e4485b437e0a2f96a7ff1f88aa22d925659
Fixed
cefeed44296261173a806bef988b26bc565da4be

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-46182.json"

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
6.18.0
Fixed
6.18.30
Type
ECOSYSTEM
Events
Introduced
6.19.0
Fixed
7.0.7

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-46182.json"