CVE-2026-46171

EUVD-2026-32798
In the Linux kernel, the following vulnerability has been resolved:

riscv: kvm: fix vector context allocation leak

When the second kzalloc (host_context.vector.datap) fails in
kvm_riscv_vcpu_alloc_vector_context, the first allocation
(guest_context.vector.datap) is leaked. Free it before returning.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
UNKNOWN
---
Awaiting analysis
This vulnerability is currently awaiting analysis.
Base Score
CVSS 3.x
EPSS Score
Percentile: 4%
Debian logo
Debian Releases
Debian Product
Codename
linux
bookworm
6.1.170-3
fixed
bookworm (security)
6.1.174-1
fixed
bullseye
5.10.223-1
fixed
bullseye (security)
5.10.257-1
fixed
forky
7.0.9-1
fixed
sid
7.0.10-1
fixed
trixie
vulnerable
trixie (security)
vulnerable
Vulnerability Media Exposure
References
https://git.kernel.org/stable/c/1d57ab45ec5c0e22789de793bcf2a31ad6fb7d98
https://git.kernel.org/stable/c/b7c958d7c1eb1cb9b2be7b5ee4129fcd66cec978
https://git.kernel.org/stable/c/bd62c0f61bc722a097417401030c596cea8e21aa