CVE-2026-46041 Linux CVE debrief

Who should care

System administrators running Linux kernels with Greybus BeaglePlay support enabled, embedded systems developers using BeaglePlay hardware, and organizations with IoT or embedded Linux deployments utilizing Greybus protocols.

Technical summary

The vulnerability resides in drivers/greybus/gb-beagleplay.c in the Linux kernel's Greybus BeaglePlay driver. The hdlc_append() function, called from hdlc_tx_frames() with tx_producer_lock held, invoked usleep_range() to wait for circular buffer space. Since usleep_range() can sleep and spinlocks must be held without sleeping, this created a sleep-in-atomic-context condition. The fix pre-calculates required buffer space, waits outside the lock, then acquires the spinlock and writes the frame atomically. This ensures proper locking discipline and prevents kernel scheduling violations.

Defensive priority

medium

Recommended defensive actions

• Apply kernel patches from the stable kernel Git repositories to affected systems
• Update to a patched kernel version that includes the fix for CVE-2026-46041
• Monitor kernel logs for 'BUG: scheduling while atomic' errors as an indicator of potential exploitation attempts
• Review systems using Greybus BeaglePlay hardware for exposure to this vulnerability

Evidence notes

The vulnerability exists in the greybus: gb-beagleplay driver within the Linux kernel. The issue was detected by CodeQL's interprocedural sleep-in-atomic query and confirmed through code review. The fix involves moving the buffer-space wait operation outside of the spinlock-protected critical section in hdlc_tx_frames().

Official resources