PatchSiren

PatchSiren cyber security CVE debrief

CVE-2026-46156 Linux CVE debrief

A vulnerability in the Linux kernel's LoongArch architecture support could cause an Address Display Error (ADE) panic during PCI device enumeration when a discrete GPU is present on the platform. The issue occurs in `loongson_gpu_fixup_dma_hang()` where an incorrect device address calculation leads to reading from a random memory address when the switch case does not match expected DC2 or DC3 values. The fix adds a default switch case to prevent the invalid memory access.

Vendor
Linux
Product
Unknown
CVSS
Unknown
CISA KEV
Not listed in stored evidence
Original CVE published
2026-05-28
Original CVE updated
2026-05-28
Advisory published
2026-05-28
Advisory updated
2026-05-28

Who should care

Organizations running LoongArch-based systems (such as Loongson-3A6000-HV) with discrete GPU configurations; Linux distribution maintainers for LoongArch ports; system administrators managing LoongArch server or workstation deployments

Technical summary

The vulnerability exists in `loongson_gpu_fixup_dma_hang()` in the Linux kernel's LoongArch architecture support. The function calculates a device address using `base+PCI_DEVICE_ID` where `base` is derived from `pdev->devfn+1`. When a discrete GPU is present (as shown in the lspci output with device 06.2), the switch case may not match DC2 or DC3 values, causing `readl(crtc_reg)` to access a random address (0x7fffffffffffff00 in the panic trace). This results in an Address Display Error Memory (ADEM) exception and kernel panic during early boot PCI enumeration. The fix adds a default switch case to prevent the invalid memory access when unexpected device types are encountered.

Defensive priority

medium

Recommended defensive actions

  • Apply kernel patches from stable branches when available for your distribution
  • Monitor Linux kernel stable releases for backported fixes to affected versions
  • Review systems with LoongArch processors and discrete GPU configurations for stability issues during boot
  • Consider disabling discrete GPU if not required until patch is applied, though this may not be practical for all use cases
  • Verify kernel version includes fix commits: 07d190e4ec689d6478f7f5e36099fb9bf457e7c5, 2cb19b06c09983727573bbe7d7430cbad480a714, 81fef1c278436e6bd68ee4ca05a0acb96e256561, 8dfa2f8780e486d05b9a0ffce70b8f5fbd62053e, 9e1aed63
  • Monitor system logs for ADE/ADEM errors during PCI enumeration on LoongArch systems

Evidence notes

The CVE description includes a kernel panic trace showing ADEM (Address Display Error, Memory) with BADV address 0x7fffffffffffff00, confirming out-of-bounds memory access. The vulnerable code path involves `loongson_gpu_fixup_dma_hang()` during PCI bus scanning. The fix commits add a default case to the switch statement to handle unexpected device types gracefully.

Official resources

2026-05-28