CVE-2026-45896
HIGHmtd: intel-dg: Fix accessing regions before setting nregions
Title source: cnaDescription
In the Linux kernel, the following vulnerability has been resolved: mtd: intel-dg: Fix accessing regions before setting nregions The regions array is counted by nregions, but it's set only after accessing it: [] UBSAN: array-index-out-of-bounds in drivers/mtd/devices/mtd_intel_dg.c:750:15 [] index 0 is out of range for type '<unknown> [*]' Fix it by also fixing an undesired behavior: the loop silently ignores ENOMEM and continues setting the other entries.
Scores
CVSS v3
7.8
EPSS
0.0016
EPSS Percentile
5.7%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-129
Status
published
Products (11)
linux/Kernel
6.17.0 - 6.18.14linux
linux/Kernel
6.19.0 - 6.19.4linux
Linux/Linux
< 6.17
Linux/Linux
6.17
Linux/Linux
6.18.14 - 6.18.*
Linux/Linux
6.19.4 - 6.19.*
Linux/Linux
7.0
Linux/Linux
ceb5ab3cb64637952657be23d347e1c79dd02212 - 721bd22bcf45a63ebd9bd0f478ef721b45cc5383
Linux/Linux
ceb5ab3cb64637952657be23d347e1c79dd02212 - 779c59274d03cc5c07237a2c845dfb71cff77705
Linux/Linux
ceb5ab3cb64637952657be23d347e1c79dd02212 - d58fca8513414b15387460b14a7a0a30405b9c9e
... and 1 more
Published
May 27, 2026
Tracked Since
May 27, 2026