CVE-2026-46284

June 8, 2026, 5:16 p.m.

None
No Score

Description

In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb: fix early boot crash on parameters without '=' separator If hugepages, hugepagesz, or default_hugepagesz are specified on the kernel command line without the '=' separator, early parameter parsing passes NULL to hugetlb_add_param(), which dereferences it in strlen() and can crash the system during early boot. Reject NULL values in hugetlb_add_param() and return -EINVAL instead.

Product(s) Impacted

Vendor Product Versions
Linux
  • Kernel
  • Hugetlb
  • *
  • *

Weaknesses

Common security weaknesses mapped to this vulnerability.

*CPE(s)

Affected systems and software identified for this CVE.

Type Vendor Product Version Update Edition Language Software Edition Target Software Target Hardware Other Information
o linux kernel / / / / / / / /
a linux hugetlb / / / / / / / /

References

https://git.kernel.org/stable/c/2774bcf714739cc6bb86f8812167bb9fbda70f6a
https://git.kernel.org/stable/c/357c6d084b6137ae640209c5bfd01180f985c015
https://git.kernel.org/stable/c/c45b354911d01565156e38d7f6bc07edb51fc34c

Tags

416baaa9-dc9f-4396-8d5f-8c081fb06d67
2026-06-08
CVE-2026-46284

Timeline

Published: June 8, 2026, 5:16 p.m.
Last Modified: June 8, 2026, 5:16 p.m.

Status : Received

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

416baaa9-dc9f-4396-8d5f-8c081fb06d67

*Disclaimer: Some vulnerabilities do not have an associated CPE. To enhance the data, we use AI to infer CPEs based on CVE details. This is an automated process and might not always be accurate.