VDB
CVE-2026-46284
CVE-2026-46284
PUBLISHED
Reported by Linux · Published June 8, 2026
In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb: fix early boot crash on parameters without '=' separator If hugepages, hugepagesz, or default_hugepagesz are specified on the kernel command line without the '=' separator, early parameter parsing passes NULL to hugetlb_add_param(), which dereferences it in strlen() and can crash the system during early boot. Reject NULL values in hugetlb_add_param() and return -EINVAL instead.
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Linux | Linux | 5b47c02967ab770aa7661c8863a21b2fd59e35ff, 5b47c02967ab770aa7661c8863a21b2fd59e35ff, 5b47c02967ab770aa7661c8863a21b2fd59e35ff |
| Linux | Linux | 6.15, 0, 6.18.27 |
| linux | linux_kernel | 6.15, 6.15, 6.15 |
| Linux | Linux | 5b47c02967ab770aa7661c8863a21b2fd59e35ff, 5b47c02967ab770aa7661c8863a21b2fd59e35ff, 5b47c02967ab770aa7661c8863a21b2fd59e35ff |
Timeline
- Jun 8, 2026 CVE Published
- Jun 9, 2026 Coalition ESS Score
- Jun 10, 2026 Security Advisory