In the Linux kernel, the following vulnerability has been resolved:

greybus: gb-beagleplay: bound bootloader receive buffering

cc1352_bootloader_rx() appends each serdev chunk into the fixed
rx_buffer before parsing bootloader packets. The helper can keep
leftover bytes between callbacks and may receive multiple packets in one
callback, so a single count value is not constrained by one packet
length.

Check that the incoming chunk fits in the remaining receive buffer space
before memcpy(). If it does not, drop the staged data and consume the
bytes instead of overflowing rx_buffer.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

No EPSS score available.

Key SSVC decision points have not yet been added.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions
Linux Linux unaffected
Version Status Constraints
0cf7befa3ea2e7284d8ba5b8f45a546865b09edb affected < 663c2728a6d0f781044431111b53a27f71027e48
0cf7befa3ea2e7284d8ba5b8f45a546865b09edb affected < fb91d4e49fcbea0b5091394ac5b8f7d4124265c3
0cf7befa3ea2e7284d8ba5b8f45a546865b09edb affected < 0339a746ff7cd3f9d10f565e89c99dc93191e58d
0cf7befa3ea2e7284d8ba5b8f45a546865b09edb affected < 1214bf28965ceaf584fb20d357731264dd2e10e1
Linux Linux affected
Version Status Constraints
6.12 affected
0 unaffected < 6.12
6.12.86 unaffected ≤ 6.12.*
6.18.27 unaffected ≤ 6.18.*
7.0.4 unaffected ≤ 7.0.*
7.1-rc1 unaffected ≤ *

No data.

No data.

OpenCVE Enrichment is a feature of OpenCVE that uses AI to automatically link vendors and products to CVEs. Learn more on GitHub.

Vendors Products
Linux Subscribe
Linux Kernel Subscribe

Project Subscriptions

Vendors Products
Linux Subscribe
Linux Kernel Subscribe
Advisories

No advisories yet.

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References
Link Providers
https://git.kernel.org/stable/c/0339a746ff7cd3f9d10f565e89c99dc93191e58d cve-icon cve-icon
https://git.kernel.org/stable/c/1214bf28965ceaf584fb20d357731264dd2e10e1 cve-icon cve-icon
https://git.kernel.org/stable/c/663c2728a6d0f781044431111b53a27f71027e48 cve-icon cve-icon
https://git.kernel.org/stable/c/fb91d4e49fcbea0b5091394ac5b8f7d4124265c3 cve-icon cve-icon
History

Tue, 09 Jun 2026 15:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-120

Tue, 09 Jun 2026 13:30:00 +0000

Type Values Removed Values Added
Description In the Linux kernel, the following vulnerability has been resolved: greybus: gb-beagleplay: bound bootloader receive buffering cc1352_bootloader_rx() appends each serdev chunk into the fixed rx_buffer before parsing bootloader packets. The helper can keep leftover bytes between callbacks and may receive multiple packets in one callback, so a single count value is not constrained by one packet length. Check that the incoming chunk fits in the remaining receive buffer space before memcpy(). If it does not, drop the staged data and consume the bytes instead of overflowing rx_buffer.
Title greybus: gb-beagleplay: bound bootloader receive buffering
First Time appeared Linux
Linux linux Kernel
CPEs cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Vendors & Products Linux
Linux linux Kernel
References

Projects

Sign in to view the affected projects.

cve-icon MITRE

Status: PUBLISHED

Assigner: Linux

Published:

Updated: 2026-06-09T12:36:00.450Z

Reserved: 2026-05-13T15:03:33.113Z

Link: CVE-2026-46332

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Received

Published: 2026-06-09T14:16:42.817

Modified: 2026-06-09T14:16:42.817

Link: CVE-2026-46332

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-06-09T15:00:07Z

Weaknesses