What is CVE-2026-46216?

CVE-2026-46216 is a unscored severity Linux kernel vulnerability, affecting Linux kernel versions from 6.10 onward and patched in 6.12.92, 6.18.34, 7.0.9 and others. CVE-2026-46216 has not been confirmed as actively exploited and is not listed in the CISA KEV catalog.

What is the CVSS score for CVE-2026-46216?

CVE-2026-46216 has a CVSS score of pending NVD analysis out of 10, rated awaiting scoring severity.

Is there a patch available for CVE-2026-46216?

Yes, CVE-2026-46216 has been patched. Fixed versions include 6.12.92, 6.18.34, 7.0.9 and others. If you are running Linux kernel 6.10 or later up to the fix versions, apply the relevant patch for your kernel branch.

Is CVE-2026-46216 actively exploited?

CVE-2026-46216 has not been confirmed as actively exploited and is not listed in the CISA KEV catalog.

CVE-2026-46216

In the Linux kernel, the following vulnerability has been resolved: drm/xe/hdcp: Add NULL check for media_gt in intel_hdcp_gsc_check_status() When media GT is disabled via configfs, there is no allocation for media_gt, which is kept as NULL. In such scenario, intel_hdcp_gsc_check_status() results in a kernel pagefault error due to &gt->uc.gsc being evaluated as an invalid memory address. Fix that by introducing a NULL check on media_gt and bailing out early if so. While at it, also drop the NULL check for gsc, since it can't be NULL if media_gt is not NULL. v2: - Get address for gsc only after checking that gt is not NULL. (Shuicheng) - Drop the NULL check for gsc. (Shuicheng) v3: - Add "Fixes" and "Cc: <stable...>" tags. (Matt) (cherry picked from commit bfaf87e84ca3ca3f6e275f9ae56da47a8b55ffd1)

Package Linux Kernel

Published 2026-05-28

Last modified 2026-06-01

Patch available

Yes

Affected versions

Linux kernel versions 6.10 and later are affected. Fixed in 6.12.92, 6.18.34, 7.0.9, 7.1-rc3 and their respective stable series.

Affected from

≥ 6.10

Fixed in

✓ 6.12.92 6.12.x ✓ 6.18.34 6.18.x ✓ 7.0.9 7.0.x ✓ 7.1-rc3

References

The following references provide additional information about CVE-2026-46216 including vendor advisories, patch commits, exploit details, and third-party analysis. Links are sourced from the NIST NVD database.

Kernel patch commit
https://git.kernel.org/stable/c/60a1e131a811b68703da58fd805ab359b704ab03
Patch
Kernel patch commit
https://git.kernel.org/stable/c/814326e86e929b865020ff44f4576dbdfe3f7ff3
Patch
Kernel patch commit
https://git.kernel.org/stable/c/cad210d2851f3a7d9573bdfc02aa61d9287bbe8c
Patch

4 patch commits total View all on NVD

Frequently asked questions

What is CVE-2026-46216?

CVE-2026-46216 is a unscored severity Linux kernel vulnerability . It affects Linux kernel versions from 6.10 onward and has been patched in 6.12.92, 6.18.34, 7.0.9 and others. CVE-2026-46216 has not been confirmed as actively exploited and is not listed in the CISA KEV catalog.
Is there a patch available for CVE-2026-46216?

Yes — CVE-2026-46216 has been patched. Fixed versions include 6.12.92, 6.18.34, 7.0.9 and others. If you are running Linux kernel 6.10 or later up to the fix versions, apply the relevant patch for your kernel branch.
Is CVE-2026-46216 actively exploited?

No — CVE-2026-46216 has not been confirmed as actively exploited. It is not listed in the CISA Known Exploited Vulnerabilities (KEV) catalog.