CVE-2026-46092

In the Linux kernel, the following vulnerability has been resolved: wifi: rtw88: check for PCI upstream bridge existence pci_upstream_bridge() returns NULL if the device is on a root bus. If 8821CE is installed in the system with such a PCI topology, the probing routine will crash. This has probably been unnoticed as 8821CE is mostly supplied in laptops where there is a PCI-to-PCI bridge located upstream from the device. However the card might be installed on a system with different configuration. Check if the bridge does exist for the specific workaround to be applied. Found by Linux Verification Center (linuxtesting.org) with Svace static analysis tool.
Configurations

Configuration 1 (hide)

OR cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

History

25 Jun 2026, 21:15

Type Values Removed Values Added
CWE CWE-476
First Time Linux linux Kernel
Linux
CPE cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
References () https://git.kernel.org/stable/c/eb101d2abdcccb514ca4fccd3b278dd8267374f6 - () https://git.kernel.org/stable/c/eb101d2abdcccb514ca4fccd3b278dd8267374f6 - Patch
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 5.5

27 May 2026, 14:17

Type Values Removed Values Added
New CVE

Information

Published : 2026-05-27 14:17

Updated : 2026-06-25 21:15


NVD link : CVE-2026-46092

Mitre link : CVE-2026-46092

CVE.ORG link : CVE-2026-46092


JSON object : View

Products Affected

linux

  • linux_kernel
CWE
CWE-476

NULL Pointer Dereference