CVE-2026-46134

MEDIUM

platform/chrome: cros_ec_typec: Init mutex in Thunderbolt registration

Title source: cna
STIX 2.1

Description

In the Linux kernel, the following vulnerability has been resolved: platform/chrome: cros_ec_typec: Init mutex in Thunderbolt registration cros_typec_register_thunderbolt() missed initializing the `adata->lock` mutex. This leads to a NULL dereference when the mutex is later acquired (e.g. in cros_typec_altmode_work()). Initialize the mutex in cros_typec_register_thunderbolt() to fix the issue.

Scores

CVSS v3 5.5
EPSS 0.0013
EPSS Percentile 2.7%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Details

CWE
CWE-476
Status published
Products (13)
linux/Kernel 6.14.0 - 6.18.30linux
linux/Kernel 6.19.0 - 7.0.7linux
Linux/Linux < 6.14
Linux/Linux 3b00be26b16ad72c85624ada08cbae2d2c57b6e9 - 23ae72e8c2f1c1d1da8cbd479320ddcfcc9c7435
Linux/Linux 3b00be26b16ad72c85624ada08cbae2d2c57b6e9 - 3b13d5883a097f538fccbab1c61c95546d29621f
Linux/Linux 3b00be26b16ad72c85624ada08cbae2d2c57b6e9 - 525cb7ba6661074c1c5cc3772bccc6afab6791ef
Linux/Linux 6.14
Linux/Linux 6.18.30 - 6.18.*
Linux/Linux 7.0.7 - 7.0.*
Linux/Linux 7.1
... and 3 more
Published May 28, 2026
Tracked Since May 28, 2026