CVE-2026-46060

Source
https://cve.org/CVERecord?id=CVE-2026-46060
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2026-46060.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2026-46060
Downstream
Related
Published
2026-05-27T12:57:20.991Z
Modified
2026-06-18T03:57:09.635448216Z
Summary
crypto: qat - fix IRQ cleanup on 6xxx probe failure
Details

In the Linux kernel, the following vulnerability has been resolved:

crypto: qat - fix IRQ cleanup on 6xxx probe failure

When adfdevup() partially completes and then fails, the IRQ handlers registered during adfisrresource_alloc() are not detached before the MSI-X vectors are released.

Since the device is enabled with pcimenabledevice(), calling pciallocirqvectors() internally registers pcimmsirelease() as a devres action. On probe failure, devres runs pcimmsirelease() which calls pcifreeirqvectors(), tearing down the MSI-X vectors while IRQ handlers (for example 'qat0-bundle0') are still attached. This causes removeprocentry() warnings:

[   22.163964] remove_proc_entry: removing non-empty directory 'irq/143', leaking at least 'qat0-bundle0'

Moving the devmaddactionorreset() before adfdevup() does not solve the problem since devres runs in LIFO order and pcimmsirelease(), registered later inside adfdevup(), would still fire before adfdevicedown().

Fix by calling adfdevdown() explicitly when adfdevup() fails, to properly free IRQ handlers before devres releases the MSI-X vectors.

Database specific
{
    "cna_assigner": "Linux",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/46xxx/CVE-2026-46060.json"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
17fd7514ae68c541bf952876ce2005cb4a53f283
Fixed
27f561bf894e46bdc2d6209c50884adad79d8277
Fixed
7cd651f1357dcc477e6483c3a4706836b46bdc92
Fixed
95aed2af87ec43fa7624cc81dd13d37824ad4972

Database specific

source
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2026-46060.json"

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
6.16.0
Fixed
6.18.27
Type
ECOSYSTEM
Events
Introduced
6.19.0
Fixed
7.0.4

Database specific

source
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2026-46060.json"