{"id":"CVE-2026-46007","summary":"hwmon: (powerz) Avoid cacheline sharing for DMA buffer","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nhwmon: (powerz) Avoid cacheline sharing for DMA buffer\n\nDepending on the architecture the transfer buffer may share a cacheline\nwith the following mutex. As the buffer may be used for DMA, that is\nproblematic.\n\nUse the high-level DMA helpers to make sure that cacheline sharing can\nnot happen.\n\nAlso drop the comment, as the helpers are documentation enough.\n\nhttps://sashiko.dev/#/message/20260408175814.934BFC19421%40smtp.kernel.org","modified":"2026-06-18T03:57:01.148098123Z","published":"2026-05-27T12:56:06.623Z","related":["openSUSE-SU-2026:10954-1"],"database_specific":{"cna_assigner":"Linux","osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/46xxx/CVE-2026-46007.json"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/1869da3efe703b016b23d4885f3fe6c1751959c6"},{"type":"WEB","url":"https://git.kernel.org/stable/c/270e5c576a6e30f6b337fa91d35b44c241297533"},{"type":"WEB","url":"https://git.kernel.org/stable/c/2fa2273016a0483217404cfe330967c4ac6832a9"},{"type":"WEB","url":"https://git.kernel.org/stable/c/3023c050af3600bf451153335dea5e073c9a3088"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/46xxx/CVE-2026-46007.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-46007"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"4381a36abdf1c5c0323c1c51f869dc000115eb20"},{"fixed":"270e5c576a6e30f6b337fa91d35b44c241297533"},{"fixed":"1869da3efe703b016b23d4885f3fe6c1751959c6"},{"fixed":"2fa2273016a0483217404cfe330967c4ac6832a9"},{"fixed":"3023c050af3600bf451153335dea5e073c9a3088"}]}],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2026-46007.json"}},{"package":{"name":"Kernel","ecosystem":"Linux"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"6.7.0"},{"fixed":"6.12.88"}]},{"type":"ECOSYSTEM","events":[{"introduced":"6.13.0"},{"fixed":"6.18.30"}]},{"type":"ECOSYSTEM","events":[{"introduced":"6.19.0"},{"fixed":"7.0.4"}]}],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2026-46007.json"}}],"schema_version":"1.7.5"}