PatchSiren

PatchSiren cyber security CVE debrief

CVE-2026-46287 Linux CVE debrief

A vulnerability has been identified in the Linux kernel, specifically in the txgbe module. When the module is removed, an RTNL assertion warning occurs due to a missing lock around the phylink_disconnect_phy() function. This issue arises for copper NICs with external PHYs, where the driver calls phylink_connect_phy() during probe and phylink_disconnect_phy() during removal. To resolve this, the patch adds rtnl_lock() and rtnl_unlock() around phylink_disconnect_phy() in the remove function.

Vendor
Linux
Product
Unknown
CVSS
Unknown
CISA KEV
Not listed in stored evidence
Original CVE published
2026-06-08
Original CVE updated
2026-06-08
Advisory published
2026-06-08
Advisory updated
2026-06-08

Who should care

Linux kernel users and administrators, particularly those utilizing the txgbe module, should be aware of this vulnerability. This issue may impact systems with copper NICs and external PHYs.

Technical summary

The vulnerability is caused by a missing RTNL lock in the txgbe module's remove function. Specifically, the phylink_disconnect_phy() function is called without proper locking, leading to an RTNL assertion warning. The patch fixes this by adding rtnl_lock() and rtnl_unlock() around phylink_disconnect_phy().

Defensive priority

Medium

Recommended defensive actions

  • Apply the patch that adds rtnl_lock() and rtnl_unlock() around phylink_disconnect_phy() in the txgbe module's remove function.
  • Use kernel versions that include the fix.

Evidence notes

The vulnerability was resolved by adding locks around the phylink_disconnect_phy() function. Relevant commits can be found at: [linkId: ref-4], [linkId: ref-5], [linkId: ref-6], [linkId: ref-7], [linkId: ref-8].

Official resources

CVE-2026-46287 was published on 2026-06-08T17:16:46.770Z.