AI Sec Watch: A Security Intelligence Platform for AI Systems

Luu, T.J.

CVE-2026-46236: In the Linux kernel, the following vulnerability has been resolved: media: rc: xbox_remote: heed DMA restrictions The

infovulnerability

security

Source: NVD/CVE DatabaseMay 28, 2026CVE-2026-46236

Summary

CVE-2026-46236 is a vulnerability in the Linux kernel's Xbox remote driver where a DMA (direct memory access, a way hardware directly reads/writes system memory) buffer was incorrectly placed inside a device structure, violating DMA coherency rules that ensure data stays consistent between the CPU and hardware. The fix involves moving this buffer to a separate location outside the device structure to comply with DMA requirements.

Solution / Mitigation

The vulnerability was resolved in the Linux kernel through commits available at: https://git.kernel.org/stable/c/0bd8ac88ec5f74cd0f4b8cfc54f4cc0827007249, https://git.kernel.org/stable/c/0cc9251833bf02c8c7863404157c94dab5928fcf, https://git.kernel.org/stable/c/48a668c22e8f92637bc496e84d1cf06900f74a5c, https://git.kernel.org/stable/c/63a960b39de9c51f29ca19aa5067934f865c0bc7, and https://git.kernel.org/stable/c/e280d1e5e3f2595bbb43fe6e1bce00c59a43c0ff. Users should update their Linux kernel to a version containing one of these commits.

Vulnerability Details

EPSS (30-day exploit probability)

EPSS: 0.0%

Disclosure Date

May 28, 2026

Classification

Attack SophisticationModerate

Monthly digest — independent AI security research

Original source: https://nvd.nist.gov/vuln/detail/CVE-2026-46236

First tracked: May 28, 2026 at 08:08 AM

Classified by LLM (prompt v3) · confidence: 95%