CVE-2026-46174 - Vulnerability Details

In the Linux kernel, the following vulnerability has been resolved:

x86/CPU/AMD: Prevent improper isolation of shared resources in Zen2's op cache

Make sure resources are not improperly shared in the op cache and
cause instruction corruption this way.

No CVSS v4.0

Attack Vector Local

Attack Complexity High

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00024.

Key SSVC decision points have not yet been added.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

Linux

unaffected

Version	Status	Constraints
`1da177e4c3f41524e886b7f1b8a0c1fc7321cac2`	affected	< 1e23b30a80b14e5764657401ee2cca030525ae8e
`1da177e4c3f41524e886b7f1b8a0c1fc7321cac2`	affected	< f5bc3aef7df46eaaf423d7413ab8833f704ae576
`1da177e4c3f41524e886b7f1b8a0c1fc7321cac2`	affected	< 251497955f2314cd39d43191e81c6151dead4c7b
`1da177e4c3f41524e886b7f1b8a0c1fc7321cac2`	affected	< ff6fc65b3bf73acc5ee71919154d830ad5431362
`1da177e4c3f41524e886b7f1b8a0c1fc7321cac2`	affected	< 9109489cc8c34e50d15575a3d1ff82af586bc1aa
`1da177e4c3f41524e886b7f1b8a0c1fc7321cac2`	affected	< 28f5ed477eef166d678d6966762cbc1de9b4f436
`1da177e4c3f41524e886b7f1b8a0c1fc7321cac2`	affected	< 1cd85a19748b2407830376a5cbae5c0f126016e5
`1da177e4c3f41524e886b7f1b8a0c1fc7321cac2`	affected	< c21b90f77687075115d989e53a8ec5e2bb427ab1
`0`	affected	< 5.10.256
`0`	affected	< 5.15.207
`0`	affected	< 6.1.173
`0`	affected	< 6.6.139
`0`	affected	< 6.12.88
`0`	affected	< 6.18.30
`0`	affected	< 7.0.7

Linux

affected

Version	Status	Constraints
`5.10.256`	unaffected	≤ 5.10.*
`5.15.207`	unaffected	≤ 5.15.*
`6.1.173`	unaffected	≤ 6.1.*
`6.6.139`	unaffected	≤ 6.6.*
`6.12.88`	unaffected	≤ 6.12.*
`6.18.30`	unaffected	≤ 6.18.*
`7.0.7`	unaffected	≤ 7.0.*
`7.1-rc4`	unaffected	≤ *

No data.

OpenCVE Enrichment is a feature of OpenCVE that uses AI to automatically link vendors and products to CVEs. Learn more on GitHub.

Vendors	Products
Linux Subscribe	Linux Kernel Subscribe

Project Subscriptions

Vendors	Products
Linux Subscribe	Linux Kernel Subscribe

Advisories

Source	ID	Title
Debian DLA	DLA-4606-1	linux security update
Debian DLA	DLA-4607-1	linux-6.1 security update
Debian DSA	DSA-6306-1	linux security update

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
https://git.kernel.org/stable/c/1cd85a19748b2407830376a5cbae5c0f126016e5
https://git.kernel.org/stable/c/1e23b30a80b14e5764657401ee2cca030525ae8e
https://git.kernel.org/stable/c/251497955f2314cd39d43191e81c6151dead4c7b
https://git.kernel.org/stable/c/28f5ed477eef166d678d6966762cbc1de9b4f436
https://git.kernel.org/stable/c/9109489cc8c34e50d15575a3d1ff82af586bc1aa
https://git.kernel.org/stable/c/c21b90f77687075115d989e53a8ec5e2bb427ab1
https://git.kernel.org/stable/c/f5bc3aef7df46eaaf423d7413ab8833f704ae576
https://git.kernel.org/stable/c/ff6fc65b3bf73acc5ee71919154d830ad5431362
https://lore.kernel.org/linux-cve-announce/2026052828-CVE-2026-46174-e399@gregkh/T
https://nvd.nist.gov/vuln/detail/CVE-2026-46174
https://www.cve.org/CVERecord?id=CVE-2026-46174

History

Fri, 29 May 2026 00:15:00 +0000

Type	Values Removed	Values Added
Weaknesses		CWE-653
References		https://lore.kernel.org/linux-cve-announce/2026052828-CVE-2026-46174-e399@gregkh/T https://nvd.nist.gov/vuln/detail/CVE-2026-46174 https://www.cve.org/CVERecord?id=CVE-2026-46174
Metrics	threat_severity `None`	cvssV3_1 `{'score': 7.0, 'vector': 'CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H'}` threat_severity `Moderate`

Thu, 28 May 2026 10:15:00 +0000

Type	Values Removed	Values Added
Description		In the Linux kernel, the following vulnerability has been resolved: x86/CPU/AMD: Prevent improper isolation of shared resources in Zen2's op cache Make sure resources are not improperly shared in the op cache and cause instruction corruption this way.
Title		x86/CPU/AMD: Prevent improper isolation of shared resources in Zen2's op cache
First Time appeared		Linux Linux linux Kernel
CPEs		cpe:2.3:o:linux:linux_kernel::::::::
Vendors & Products		Linux Linux linux Kernel
References		https://git.kernel.org/stable/c/1cd85a19748b2407830376a5cbae5c0f126016e5 https://git.kernel.org/stable/c/1e23b30a80b14e5764657401ee2cca030525ae8e https://git.kernel.org/stable/c/251497955f2314cd39d43191e81c6151dead4c7b https://git.kernel.org/stable/c/28f5ed477eef166d678d6966762cbc1de9b4f436 https://git.kernel.org/stable/c/9109489cc8c34e50d15575a3d1ff82af586bc1aa https://git.kernel.org/stable/c/c21b90f77687075115d989e53a8ec5e2bb427ab1 https://git.kernel.org/stable/c/f5bc3aef7df46eaaf423d7413ab8833f704ae576 https://git.kernel.org/stable/c/ff6fc65b3bf73acc5ee71919154d830ad5431362

Projects

Sign in to view the affected projects.

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2026-05-28T09:36:28.703Z

Updated: 2026-05-28T09:36:28.703Z

Reserved: 2026-05-13T15:03:33.103Z

Link: CVE-2026-46174

Vulnrichment

No data.

NVD

Status : Awaiting Analysis

Published: 2026-05-28T10:16:33.020

Modified: 2026-05-28T13:44:01.663

Link: CVE-2026-46174

Redhat

Severity : Moderate

Publid Date: 2026-05-28T00:00:00Z

Links: CVE-2026-46174 - Bugzilla

OpenCVE Enrichment

Updated: 2026-05-29T02:00:09Z

Weaknesses

CWE-653

Attack Vector Local

Attack Complexity High

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Project Subscriptions

Projects

JSON object

JSON object

JSON object

JSON object

JSON object