CVE-2026-45896
published 2026-05-27CVE-2026-45896: In the Linux kernel, the following vulnerability has been resolved: mtd: intel-dg: Fix accessing regions before setting nregions The regions array is counted…
medium5.5
In the Linux kernel, the following vulnerability has been resolved:
mtd: intel-dg: Fix accessing regions before setting nregions
The regions array is counted by nregions, but it's set only after
accessing it:
[] UBSAN: array-index-out-of-bounds in drivers/mtd/devices/mtd_intel_dg.c:750:15
[] index 0 is out of range for type ' [*]'
Fix it by also fixing an undesired behavior: the loop silently ignores
ENOMEM and continues setting the other entries.
Affected
5 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| linux | linux | — | — |
| linux | linux | >= ceb5ab3cb64637952657be23d347e1c79dd02212 < 721bd22bcf45a63ebd9bd0f478ef721b45cc5383 | 721bd22bcf45a63ebd9bd0f478ef721b45cc5383 |
| linux | linux | >= ceb5ab3cb64637952657be23d347e1c79dd02212 < d58fca8513414b15387460b14a7a0a30405b9c9e | d58fca8513414b15387460b14a7a0a30405b9c9e |
| linux | linux | >= ceb5ab3cb64637952657be23d347e1c79dd02212 < 779c59274d03cc5c07237a2c845dfb71cff77705 | 779c59274d03cc5c07237a2c845dfb71cff77705 |
| linux | linux_kernel | — | — |