PatchSiren

CVE-2026-46068 Linux CVE debrief

A memory management bug in the Linux kernel's NX842 crypto driver causes bounce buffer leaks due to mismatched allocation and deallocation functions. The buffers are allocated with `__get_free_pages()` using order 2 (4 pages) but freed with `free_page()` instead of `free_pages()` with the correct order. This affects both the allocation error path and the `nx842_crypto_free_ctx()` cleanup function. The vulnerability is localized to the IBM Power NX842 compression accelerator driver (`drivers/crypto/nx/nx-842.c`).

Vendor: Linux
Product: Unknown
CVSS: Unknown
CISA KEV: Not listed in stored evidence
Original CVE published: 2026-05-27
Original CVE updated: 2026-05-27
Advisory published: 2026-05-27
Advisory updated: 2026-05-27

Who should care

Organizations running Linux on IBM Power systems with NX842 compression hardware enabled; kernel maintainers and distribution security teams tracking memory leak fixes in crypto drivers.

Technical summary

The NX842 crypto driver in the Linux kernel incorrectly frees bounce buffers allocated with `__get_free_pages(order=2)` using `free_page()` instead of `free_pages()` with matching order. This mismatch causes 3 of 4 allocated pages to leak on both allocation failure paths and normal context teardown. The bug affects systems using IBM Power NX842 hardware compression acceleration. The fix replaces `free_page()` calls with `free_pages(addr, BOUNCE_BUFFER_ORDER)` to properly release all allocated pages. No privilege escalation or code execution path is described; impact is limited to memory exhaustion under sustained allocation pressure.
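
The page-count mismatch described above, as an added example that is not code from the driver or from this debrief: a userspace C model in which `model_get_free_pages()`, `model_free_pages()`, `release_bounce()` and `pages_leaked()` are hypothetical stand-ins for the kernel page allocator and the driver's buffer teardown, and the workload size is constructed. It relies on the kernel defining `free_page(addr)` as `free_pages(addr, 0)`, which is why only one of the four pages is returned.

```c
#include <stdio.h>
#include <stdlib.h>

#define BOUNCE_BUFFER_ORDER 2   /* order 2 = 4 pages, as the debrief states */
#define MODEL_PAGE_BYTES 4096   /* host-side stand-in, not the target's page size */

static long pages_in_use;       /* models the kernel's page accounting */

/* Stand-in for __get_free_pages(): accounts 2^order pages. */
static void *model_get_free_pages(unsigned int order)
{
    void *p = malloc((size_t)MODEL_PAGE_BYTES << order);
    if (p)
        pages_in_use += 1L << order;
    return p;
}

/* Stand-in for free_pages(): releases 2^order pages; free_page() is order 0. */
static void model_free_pages(void *addr, unsigned int order)
{
    free(addr);                 /* host memory is always returned; only the count is modelled */
    pages_in_use -= 1L << order;
}

/* Release one bounce buffer as before the fix (fixed=0) or after it (fixed=1). */
static void release_bounce(void *buf, int fixed)
{
    model_free_pages(buf, fixed ? BOUNCE_BUFFER_ORDER : 0);
}

/* Allocate and tear down `buffers` bounce buffers; return pages still accounted. */
static long pages_leaked(int buffers, int fixed)
{
    pages_in_use = 0;
    for (int i = 0; i < buffers; i++) {
        void *bounce = model_get_free_pages(BOUNCE_BUFFER_ORDER);
        if (!bounce)
            break;
        release_bounce(bounce, fixed);
    }
    return pages_in_use;
}

int main(void)
{
    int buffers = 1000;         /* constructed workload size */
    printf("free_page():  %ld pages leaked\n", pages_leaked(buffers, 0));
    printf("free_pages(): %ld pages leaked\n", pages_leaked(buffers, 1));
    return 0;
}
```

The leak grows linearly with the number of buffers torn down, so it shows up as slow memory growth rather than as a single event.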

Defensive priority

medium

Recommended defensive actions

  • Apply kernel updates containing the referenced stable commits when available for your distribution
  • Monitor vendor security advisories for backported fixes to long-term support kernels
  • Verify that the nx842 driver is in use on IBM Power systems before prioritizing deployment
  • Review systems for memory pressure indicators if running workloads utilizing NX842 hardware compression

Evidence notes

The vulnerability description and fix commits confirm this is a resource leak in kernel memory management, not an exploitable memory corruption issue. The bug was introduced by incorrect page deallocation semantics where higher-order allocations were paired with single-page frees, leaving 3 pages leaked per buffer. Five stable kernel commits are referenced, indicating backports to multiple maintained branches.

Official resources

2026-05-27