PatchSiren

PatchSiren cyber security CVE debrief

CVE-2026-46290 Linux CVE debrief

A vulnerability in the Linux kernel's x86/efi component has been identified. The issue arises from a change in kernel_fpu_begin() calls fpregs_lock(), which uses local_bh_disable() instead of preempt_disable(). This causes in_interrupt() to return true in normal task context, leading the graceful page fault handler efi_crash_gracefully_on_page_fault() to bail out and escalate to die(), resulting in a hard system freeze. The fix replaces in_interrupt() with !in_task() to preserve the original intent of bailing for interrupts or NMI faults.

Vendor
Linux
Product
Unknown
CVSS
Unknown
CISA KEV
Not listed in stored evidence
Original CVE published
2026-06-08
Original CVE updated
2026-06-08
Advisory published
2026-06-08
Advisory updated
2026-06-08

Who should care

Linux kernel developers and users, particularly those using x86/efi systems, should be aware of this vulnerability.

Technical summary

The vulnerability is caused by a change in the Linux kernel's x86/efi component. Specifically, the kernel_fpu_begin() function calls fpregs_lock(), which uses local_bh_disable() instead of preempt_disable(). This sets SOFTIRQ_OFFSET in preempt_count during EFI runtime service calls, causing in_interrupt() to return true in normal task context. As a result, the efi_crash_gracefully_on_page_fault() function bails out, leading to a hard system freeze.

Defensive priority

High

Recommended defensive actions

  • Apply the fix by replacing in_interrupt() with !in_task() in the efi_crash_gracefully_on_page_fault() function.
  • Use official kernel updates or patches when available.

Evidence notes

The vulnerability was resolved by a commit in the Linux kernel. References to the commit and related discussions are available through the following links:

Official resources

CVE-2026-46290 was published on 2026-06-08T17:16:47.230Z.