CVE-2026-46220
In the Linux kernel, the following vulnerability has been resolved:

drm/amdgpu/sdma4: replace BUG_ON with WARN_ON in fence emission

sdma_v4_0_ring_emit_fence() contains two BUG_ON(addr & 0x3) assertions that verify fence writeback addresses are dword-aligned. These assertions can be reached from unprivileged userspace via crafted DRM_IOCTL_AMDGPU_CS submissions, causing a fatal kernel panic in a scheduler worker thread.

Replace both BUG_ON() calls with WARN_ON() to log the condition without crashing the kernel. A misaligned fence address at this point indicates a driver bug, but crashing the kernel is never the correct response when the assertion is reachable from userspace. The CS IOCTL path is the correct place to filter invalid submissions; the ring emission callback is too late to do anything about it.

(cherry picked from commit b90250bd933afd1ba94d86d6b13821997b22b18e)
Affected versions
Linux kernel versions 4.12 and later are affected. Fixed in 5.10.258, 5.15.209, 6.1.175, 6.6.140, 6.12.90, 6.18.32, 7.0.9, 7.1-rc3 and their respective stable series.
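One way to check a host against the version list above, as an added example that is not part of the advisory or the kernel project. It compares upstream version numbers only: distribution kernels that backport fixes can report an older number while carrying the patch, and it does not check whether the amdgpu driver is in use. The function names and status strings are assumptions of this example.

```python
import platform
import re

# Values below come from the advisory text: the first affected series and the
# first fixed release in each listed stable series.
FIRST_AFFECTED = (4, 12)
FIXED_IN_SERIES = {
    (5, 10): 258, (5, 15): 209, (6, 1): 175, (6, 6): 140,
    (6, 12): 90, (6, 18): 32, (7, 0): 9,
}
MAINLINE_FIX_SERIES, MAINLINE_FIX_RC = (7, 1), 3  # fixed in 7.1-rc3

_RELEASE = re.compile(r"(\d+)\.(\d+)(?:\.(\d+))?(?:-rc(\d+))?")


def parse_release(release):
    """Split 'uname -r' style text into (series, patch, rc); rc is None for finals."""
    m = _RELEASE.match(release)
    if not m:
        raise ValueError(f"unrecognised kernel release: {release!r}")
    series = (int(m.group(1)), int(m.group(2)))
    patch = int(m.group(3) or 0)
    rc = int(m.group(4)) if m.group(4) else None
    return series, patch, rc


def cve_2026_46220_status(release):
    """Classify an upstream kernel release against the advisory's fix list."""
    series, patch, rc = parse_release(release)
    if series < FIRST_AFFECTED:
        return "not-affected"
    if series in FIXED_IN_SERIES:
        return "fixed" if patch >= FIXED_IN_SERIES[series] else "vulnerable"
    if series == MAINLINE_FIX_SERIES:
        # Release candidates before rc3 predate the fix; rc3 and finals have it.
        return "fixed" if rc is None or rc >= MAINLINE_FIX_RC else "vulnerable"
    if series > MAINLINE_FIX_SERIES:
        return "fixed"  # assumption: later mainline series carry the fix
    # Affected series with no fixed release listed in the advisory (e.g. 5.4).
    return "vulnerable-no-listed-fix"


if __name__ == "__main__":
    rel = platform.release()
    print(rel, cve_2026_46220_status(rel))
```

A result of `vulnerable-no-listed-fix` means the series falls in the affected range but the advisory names no fixed release for it, so the options are moving to a listed series or confirming a vendor backport.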
References
The following references provide additional information about CVE-2026-46220 including vendor advisories, patch commits, exploit details, and third-party analysis. Links are sourced from the NIST NVD database.
- [Patch] Kernel patch commit: https://git.kernel.org/stable/c/0b91ea46bb68abf98a082bf239092253bbd6aaa2
- [Patch] Kernel patch commit: https://git.kernel.org/stable/c/25e7d56a39657d56d1ea6d78992f7ed15dedb412
- [Patch] Kernel patch commit: https://git.kernel.org/stable/c/4f7ca00fa91daf0795ec6b3b130c5ebba1f155fe
Frequently asked questions
- What is CVE-2026-46220?
  CVE-2026-46220 is a Linux kernel vulnerability with no severity score assigned. It affects Linux kernel versions from 4.12 onward and has been patched in 5.10.258, 5.15.209, 6.1.175 and others. CVE-2026-46220 has not been confirmed as actively exploited and is not listed in the CISA KEV catalog.
- Is there a patch available for CVE-2026-46220?
  Yes, CVE-2026-46220 has been patched. Fixed versions include 5.10.258, 5.15.209, 6.1.175 and others. If you are running a Linux kernel from 4.12 onward that is older than the fixed version for its branch, apply the relevant patch for your kernel branch.
- Is CVE-2026-46220 actively exploited?
  No, CVE-2026-46220 has not been confirmed as actively exploited. It is not listed in the CISA Known Exploited Vulnerabilities (KEV) catalog.