CVE-2026-46060 Linux CVE debrief

Who should care

Organizations running Linux systems with Intel QAT 6xxx series cryptographic acceleration hardware; kernel maintainers and distribution packagers; security teams monitoring for kernel resource leak conditions

Technical summary

The vulnerability exists in the Intel QuickAssist Technology (QAT) driver's probe path for 6xxx series devices. The driver uses pcim_enable_device() which internally registers pcim_msi_release() as a devres action. When adf_dev_up() partially succeeds then fails, the IRQ handlers registered during adf_isr_resource_alloc() are not detached before devres cleanup runs. Since devres executes in LIFO order, pcim_msi_release() fires before any custom cleanup, freeing MSI-X vectors while IRQ handlers remain registered. This causes the kernel's remove_proc_entry() to warn about non-empty directories and leaked entries. The fix explicitly calls adf_dev_down() when adf_dev_up() fails, ensuring proper IRQ handler detachment before MSI-X vector release.

Defensive priority

medium

Recommended defensive actions

• Apply kernel patches from stable branches when available for your distribution
• Monitor kernel logs for 'remove_proc_entry' warnings related to 'qat' IRQ handlers on systems with Intel QAT 6xxx devices
• Ensure proper error handling paths are exercised during QAT device initialization testing
• Review custom QAT driver modifications for similar devm/devres ordering issues

Evidence notes

CVE published 2026-05-27. Linux kernel crypto/qat driver fix. Three stable kernel commits provided. No CVSS score assigned; NVD status 'Awaiting Analysis'.

Official resources