CVE-2026-46142 - Vulnerability Details

- net: libwx: fix VF illegal register access

Description

In the Linux kernel, the following vulnerability has been resolved:

net: libwx: fix VF illegal register access

Register WX_CFG_PORT_ST is a PF restricted register. When a VF is
initialized, attempting to read this register triggers an illegal
register access, which lead to a system hang.

When the device is VF, the bus function ID can be obtained directly from
the PCI_FUNC(pdev->devfn).

Published: 2026-05-28

Score: n/a

EPSS: < 1% Very Low

KEV: No

Impact:

Action:

Analysis

Analysis and contextual insights are available on OpenCVE Cloud.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

Linux

unaffected

Version	Status	Constraints
`d4187ec2641061748480cdc944fd07653fad50d5`	affected	< d3bd8040497968f6f5470018724ef7b0df92f707
`f0b3ecdbb5bbee8ca6b2892aba3988c8a3ce858e`	affected	< f6e656f7cea16b638675a2ab7d7e4cf2516c5eb0
`a04ea57aae375bdda1cb57034d8bcbb351e1f973`	affected	< 33c5bb50b9c40e8451e6aec4487a31d794b98d92
`a04ea57aae375bdda1cb57034d8bcbb351e1f973`	affected	< 68a007a701bc06fa426507c551ef12514f2e721d
`a04ea57aae375bdda1cb57034d8bcbb351e1f973`	affected	< 694de316f607fe2473d52ca0707e3918e72c1562
`93e52b75f11a8f39b22993ae315b5b9a6b2668a3`	affected	—
`6.6.117`	affected	< 6.6.140
`6.12.58`	affected	< 6.12.88
`6.17.8`	affected	< 6.18

Linux

affected

Version	Status	Constraints
`6.18`	affected	—
`0`	unaffected	< 6.18
`6.6.140`	unaffected	≤ 6.6.*
`6.12.88`	unaffected	≤ 6.12.*
`6.18.30`	unaffected	≤ 6.18.*
`7.0.7`	unaffected	≤ 7.0.*
`7.1`	unaffected	≤ *

No data.

Vendor Product Confidence Versions

Linux

Linux Kernel

99%

Version	Status	Scheme	Platform
`[d4187ec2641061748480cdc944fd07653fad50d5,d3bd8040497968f6f5470018724ef7b0df92f707)`	affected	code_commit	—
`[f0b3ecdbb5bbee8ca6b2892aba3988c8a3ce858e,f6e656f7cea16b638675a2ab7d7e4cf2516c5eb0)`	affected	code_commit	—
`[a04ea57aae375bdda1cb57034d8bcbb351e1f973,33c5bb50b9c40e8451e6aec4487a31d794b98d92)`	affected	code_commit	—
`[a04ea57aae375bdda1cb57034d8bcbb351e1f973,68a007a701bc06fa426507c551ef12514f2e721d)`	affected	code_commit	—
`[a04ea57aae375bdda1cb57034d8bcbb351e1f973,694de316f607fe2473d52ca0707e3918e72c1562)`	affected	code_commit	—
`93e52b75f11a8f39b22993ae315b5b9a6b2668a3`	affected	code_commit	—
`[6.6.117,6.6.140)`	affected	semver	—
`[6.12.58,6.12.88)`	affected	semver	—
`[6.17.8,6.18)`	affected	semver	—

Linux

Linux Kernel

99%

Version	Status	Scheme	Platform
`6.18`	affected	semver	—
`[0,6.18)`	unaffected	semver	—
`[6.6.140,6.7.0)`	unaffected	semver	—
`[6.12.88,6.13.0)`	unaffected	semver	—
`[6.18.30,6.19.0)`	unaffected	semver	—
`[7.0.7,7.1.0)`	unaffected	semver	—
`[7.1-rc3,*]`	unaffected	generic	—

Found an issue or want to improve our Enrichment? You can suggest it directly by opening an issue on our dedicated GitHub repository .

Remediation

No vendor fix or workaround currently provided.

Additional remediation guidance may be available on OpenCVE Cloud.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00127.

Key SSVC decision points have not yet been added.

References

Link	Providers
https://git.kernel.org/stable/c/33c5bb50b9c40e8451e6aec4487a31d794b98d92
https://git.kernel.org/stable/c/68a007a701bc06fa426507c551ef12514f2e721d
https://git.kernel.org/stable/c/694de316f607fe2473d52ca0707e3918e72c1562
https://git.kernel.org/stable/c/d3bd8040497968f6f5470018724ef7b0df92f707
https://git.kernel.org/stable/c/f6e656f7cea16b638675a2ab7d7e4cf2516c5eb0
https://lore.kernel.org/linux-cve-announce/2026052820-CVE-2026-46142-52bf@gregkh/T
https://nvd.nist.gov/vuln/detail/CVE-2026-46142
https://www.cve.org/CVERecord?id=CVE-2026-46142

History

Fri, 29 May 2026 00:15:00 +0000

Type	Values Removed	Values Added
Weaknesses		CWE-1220
References		https://lore.kernel.org/linux-cve-announce/2026052820-CVE-2026-46142-52bf@gregkh/T https://nvd.nist.gov/vuln/detail/CVE-2026-46142 https://www.cve.org/CVERecord?id=CVE-2026-46142

Thu, 28 May 2026 12:00:00 +0000

Type	Values Removed	Values Added
Weaknesses		CWE-269

Thu, 28 May 2026 10:15:00 +0000

Type	Values Removed	Values Added
Description		In the Linux kernel, the following vulnerability has been resolved: net: libwx: fix VF illegal register access Register WX_CFG_PORT_ST is a PF restricted register. When a VF is initialized, attempting to read this register triggers an illegal register access, which lead to a system hang. When the device is VF, the bus function ID can be obtained directly from the PCI_FUNC(pdev->devfn).
Title		net: libwx: fix VF illegal register access
First Time appeared		Linux Linux linux Kernel
CPEs		cpe:2.3:o:linux:linux_kernel::::::::
Vendors & Products		Linux Linux linux Kernel
References		https://git.kernel.org/stable/c/33c5bb50b9c40e8451e6aec4487a31d794b98d92 https://git.kernel.org/stable/c/68a007a701bc06fa426507c551ef12514f2e721d https://git.kernel.org/stable/c/694de316f607fe2473d52ca0707e3918e72c1562 https://git.kernel.org/stable/c/d3bd8040497968f6f5470018724ef7b0df92f707 https://git.kernel.org/stable/c/f6e656f7cea16b638675a2ab7d7e4cf2516c5eb0

Subscriptions

Linux Linux Kernel

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2026-05-28T09:35:57.837Z

Updated: 2026-06-14T17:57:38.598Z

Reserved: 2026-05-13T15:03:33.100Z

Link: CVE-2026-46142

Vulnrichment

No data.

NVD

Status : Awaiting Analysis

Published: 2026-05-28T10:16:29.790

Modified: 2026-05-28T13:44:01.663

Link: CVE-2026-46142

Redhat

Severity :

Publid Date: 2026-05-28T00:00:00Z

Links: CVE-2026-46142 - Bugzilla

OpenCVE Enrichment

Updated: 2026-05-29T01:45:26Z

Weaknesses

Tracking

Subscriptions

JSON object

JSON object

JSON object

JSON object

JSON object