CVE-2026-46246 is a vulnerability in Linux Kernel
Published on June 3, 2026
power: supply: pm8916_lbc: Fix use-after-free for extcon in IRQ handler
In the Linux kernel, the following vulnerability has been resolved:
power: supply: pm8916_lbc: Fix use-after-free for extcon in IRQ handler
Using the `devm_` variant for requesting IRQ _before_ the `devm_`
variant for allocating/registering the `extcon` handle means that the
`extcon` handle will be deallocated/unregistered _before_ the interrupt
handler (since `devm_` naturally deallocates in reverse allocation
order). This means that during removal, there is a race condition where
an interrupt can fire just _after_ the `extcon` handle has been
freed, *but* just _before_ the corresponding unregistration of the IRQ
handler has run.
This will lead to the IRQ handler calling `extcon_set_state_sync()` with
a freed `extcon` handle, which usually crashes the system or otherwise
silently corrupts the memory...
Fix this racy use-after-free by making sure the IRQ is requested _after_
the registration of the `extcon` handle.
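The ordering problem described above can be reproduced in a small userspace model. This is an added example, not code from the kernel or from the fix commit; `struct model`, `irq_fires()` and the other names are hypothetical stand-ins for the driver's devres-managed IRQ and `extcon` handle.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

/* Userspace model (not kernel code): devm_ resources are released in
 * reverse order of registration when the device is removed. */
struct model { bool irq_registered; bool extcon_alive; int stale_uses; };
typedef void (*release_fn)(struct model *);

static void release_irq(struct model *m)    { m->irq_registered = false; }
static void release_extcon(struct model *m) { m->extcon_alive = false; }

/* Stands in for the IRQ handler that calls extcon_set_state_sync(). */
static void irq_fires(struct model *m)
{
    if (!m->irq_registered)
        return;              /* handler already unregistered: nothing runs */
    if (!m->extcon_alive)
        m->stale_uses++;     /* handler would touch a freed extcon handle */
}

/* probe_order lists the release callbacks in the order the resources were
 * registered in probe; unwind them LIFO and let an interrupt arrive after
 * every release step. Returns how often the handler saw a freed handle. */
static int stale_uses_during_remove(const release_fn *probe_order, size_t n)
{
    struct model m = { .irq_registered = true, .extcon_alive = true };
    for (size_t i = n; i-- > 0; ) {
        probe_order[i](&m);
        irq_fires(&m);
    }
    return m.stale_uses;
}

int vulnerable_order(void)   /* IRQ requested before extcon is registered */
{
    const release_fn order[] = { release_irq, release_extcon };
    return stale_uses_during_remove(order, 2);
}

int fixed_order(void)        /* extcon registered first, IRQ requested last */
{
    const release_fn order[] = { release_extcon, release_irq };
    return stale_uses_during_remove(order, 2);
}

int main(void)
{
    printf("vulnerable: %d stale use(s), fixed: %d\n", vulnerable_order(), fixed_order());
    return 0;
}
```

When reviewing other drivers for the same pattern, the check is whether every resource an interrupt handler dereferences was registered before the `devm_` IRQ request.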
Products Associated with CVE-2026-46246
Affected Versions
Linux:
- From commit f8d7a3d21160a0cab4d15b81231f2a76b0fcee13 up to, but not including, 9fab0120907e6965168e55b1e17cb9dfaf262b86: affected.
- From commit f8d7a3d21160a0cab4d15b81231f2a76b0fcee13 up to, but not including, 47abfc207ab02cf1297257e282e8048da63f0d08: affected.
- From commit f8d7a3d21160a0cab4d15b81231f2a76b0fcee13 up to, but not including, 48e0f68b50c344bb2d78d65dd98f93e41276ee00: affected.
- From commit f8d7a3d21160a0cab4d15b81231f2a76b0fcee13 up to, but not including, 23067259919663580c6f81801847cfc7bd54fd1f: affected.
- Version 6.7 is affected.
- Versions before 6.7 are unaffected.
- Versions from 6.12.75 through 6.12.* are unaffected.
- Versions from 6.18.14 through 6.18.* are unaffected.
- Versions from 6.19.4 through 6.19.* are unaffected.
- Versions 7.0 and later are unaffected.