PT-2026-44314 · Linux+1 · Linux Kernel+1

Published

2026-05-28

·

Updated

2026-06-19

·

CVE-2026-46191

CVSS v3.1

7.1

High

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified) openSUSE Tumbleweed versions prior to kernel-devel-7.0.11-1.1
Description An out-of-bounds font access occurs in the fbcon rotate font() function when console rotation fails. The system retains the old buffer, which is too small for the rotated font. Consequently, printing to the rotated console using a sufficiently high character code results in a font buffer overflow.
Recommendations Update the Linux kernel to a version where the fbcon rotate font() function clears the font buffer upon reallocation failure. Update openSUSE Tumbleweed to version kernel-devel-7.0.11-1.1.

Exploit

Fix

Out of bounds Read

Found an issue in the description? Have something to add? Feel free to write us 👾

Weakness Enumeration

Related Identifiers

CVE-2026-46191
ECHO-925B-0090-45A5
OPENSUSE-SU-2026:10954-1

Affected Products

Linux Kernel
Opensuse Tumbleweed