In the Linux kernel, the following vulnerability has been resolved:
mm/hugetlb: fix early boot crash on parameters without '=' separator
If hugepages, hugepagesz, or defaulthugepagesz are specified on the kernel command line without the '=' separator, early parameter parsing passes NULL to hugetlbadd_param(), which dereferences it in strlen() and can crash the system during early boot.
Reject NULL values in hugetlbaddparam() and return -EINVAL instead.
{
"cna_assigner": "Linux",
"osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/46xxx/CVE-2026-46284.json"
}