CVE-2026-46182

Summary

In the Linux kernel, the following vulnerability has been resolved:

pseries/papr-hvpipe: Prevent kernel stack memory leak to userspace

The hdr variable is allocated on the stack and only hdr.version and hdr.flags are initialized explicitly. Because the struct papr_hvpipe_hdr contains reserved padding bytes (reserved[3] and reserved2[40]), these could leak the uninitialized bytes to userspace after copy_to_user().

This patch fixes that by initializing the whole struct to 0.

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxcebdb522fd3edd1fe05f7b4a74a27da7dd0f8d86 < 0479b6e9f999cc1cbad7d9f09f574fc387e605d5affected
LinuxLinuxcebdb522fd3edd1fe05f7b4a74a27da7dd0f8d86 < f88f8e4485b437e0a2f96a7ff1f88aa22d925659affected
LinuxLinuxcebdb522fd3edd1fe05f7b4a74a27da7dd0f8d86 < cefeed44296261173a806bef988b26bc565da4beaffected
LinuxLinux6.18affected
LinuxLinux0 < 6.18unaffected
LinuxLinux6.18.30 <= 6.18.*unaffected
LinuxLinux7.0.7 <= 7.0.*unaffected
LinuxLinux7.1 <= *unaffected

Weaknesses

References