CVE-2026-46009

Source
https://cve.org/CVERecord?id=CVE-2026-46009
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2026-46009.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2026-46009
Downstream
Related
Published
2026-05-27T12:56:09.581Z
Modified
2026-06-18T03:55:05.596636224Z
Summary
PCI: endpoint: pci-epf-ntb: Remove duplicate resource teardown
Details

In the Linux kernel, the following vulnerability has been resolved:

PCI: endpoint: pci-epf-ntb: Remove duplicate resource teardown

epfntbepcdestroy() duplicates the teardown that the caller is supposed to do later. This leads to an oops when .allowlink fails or when .drop_link is performed. Remove the helper.

Also drop pciepcput(). EPC device refcounting is tied to configfs EPC group lifetime, and pciepcput() in the .drop_link path is sufficient.

Database specific
{
    "cna_assigner": "Linux",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/46xxx/CVE-2026-46009.json"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
8b821cf761503b80d0bd052f932adfe1bc1a0088
Fixed
c3029721b84f59e790285ad27544ed5d3cb0f2a6
Fixed
c72f6a7ea638f95c486a5cfd86e567b646027687
Fixed
72099f015d3c77bf2eb703d1aab113bd7a60915a
Fixed
756ca5e7ed22d9045bb4de4c981f9149278d5cd3
Fixed
65fc57c8b8f0b31be62be291cb1bb01755cec85d
Fixed
e813c95e4c8edd31599081e6356e20ada30e266d
Fixed
3446beddba450c8d6f9aca2f028712ac527fead3

Database specific

source
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2026-46009.json"

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
5.12.0
Fixed
5.15.209
Type
ECOSYSTEM
Events
Introduced
5.16.0
Fixed
6.1.175
Type
ECOSYSTEM
Events
Introduced
6.2.0
Fixed
6.6.140
Type
ECOSYSTEM
Events
Introduced
6.7.0
Fixed
6.12.86
Type
ECOSYSTEM
Events
Introduced
6.13.0
Fixed
6.18.27
Type
ECOSYSTEM
Events
Introduced
6.19.0
Fixed
7.0.4

Database specific

source
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2026-46009.json"