CVE-2026-46247

MEDIUM EPSS 2.4%
Published Jun 3, 20263w ago · Modified Jun 17, 20261w ago
5.5 CVSS 3.1
Medium
Find Similar
Published Jun 3, 2026 3w ago
Last Modified Jun 17, 2026 1w ago

Description

In the Linux kernel, the following vulnerability has been resolved: clk: qcom: gfx3d: add parent to parent request map After commit d228ece36345 ("clk: divider: remove round_rate() in favor of determine_rate()") determining GFX3D clock rate crashes, because the passed parent map doesn't provide the expected best_parent_hw clock (with the roundd_rate path before the offending commit the best_parent_hw was ignored). Set the field in parent_req in addition to setting it in the req, fixing the crash. clk_hw_round_rate (drivers/clk/clk.c:1764) (P) clk_divider_bestdiv (drivers/clk/clk-divider.c:336) divider_determine_rate (drivers/clk/clk-divider.c:358) clk_alpha_pll_postdiv_determine_rate (drivers/clk/qcom/clk-alpha-pll.c:1275) clk_core_determine_round_nolock (drivers/clk/clk.c:1606) clk_core_round_rate_nolock (drivers/clk/clk.c:1701) __clk_determine_rate (drivers/clk/clk.c:1741) clk_gfx3d_determine_rate (drivers/clk/qcom/clk-rcg2.c:1268) clk_core_determine_round_nolock (drivers/clk/clk.c:1606) clk_core_round_rate_nolock (drivers/clk/clk.c:1701) clk_core_round_rate_nolock (drivers/clk/clk.c:1710) clk_round_rate (drivers/clk/clk.c:1804) dev_pm_opp_set_rate (drivers/opp/core.c:1440 (discriminator 1)) msm_devfreq_target (drivers/gpu/drm/msm/msm_gpu_devfreq.c:51) devfreq_set_target (drivers/devfreq/devfreq.c:360) devfreq_update_target (drivers/devfreq/devfreq.c:426) devfreq_monitor (drivers/devfreq/devfreq.c:458) process_one_work (arch/arm64/include/asm/jump_label.h:36 include/trace/events/workqueue.h:110 kernel/workqueue.c:3284) worker_thread (kernel/workqueue.c:3356 (discriminator 2) kernel/workqueue.c:3443 (discriminator 2)) kthread (kernel/kthread.c:467) ret_from_fork (arch/arm64/kernel/entry.S:861)

CVSS Details

Base Score
5.5
Exploitability
1.8
Impact
3.6
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability High

Threat Intelligence

EPSS Exploit Probability
2.4% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Affected Products 5

VendorProductVersionRange
linuxlinux_kernel*≥4.5  –  <6.1.165
linuxlinux_kernel*≥6.2  –  <6.6.128
linuxlinux_kernel*≥6.7  –  <6.12.75
linuxlinux_kernel*≥6.13  –  <6.18.14
linuxlinux_kernel*≥6.19  –  <6.19.4

References 6

  • git.kernel.org https://git.kernel.org/stable/c/2583cb925ca1ce450aa5d74a05a67448db970193
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/547ae2f17349c7586953af5ef50de43ef3f65e9e
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/56360aa4ddd736fc19e6d0b0206c5e437e0d6ff8
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/82cfe5292b11deb1dc33822f67f73cfbe8eafe25
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/8aa972eba1f29068d13bec716d33abca30fb3f2a
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/aed53da569fb96eec09b4817b1953bcc2e467eea
    Patch

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/2583cb925ca1ce450aa5d74a05a67448db970193
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/547ae2f17349c7586953af5ef50de43ef3f65e9e
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/56360aa4ddd736fc19e6d0b0206c5e437e0d6ff8
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/82cfe5292b11deb1dc33822f67f73cfbe8eafe25
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/8aa972eba1f29068d13bec716d33abca30fb3f2a
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/aed53da569fb96eec09b4817b1953bcc2e467eea
    Patch