CVE-2026-46134 - Vulnerability Details - OpenCVE

In the Linux kernel, the following vulnerability has been resolved: platform/chrome: cros_ec_typec: Init mutex in Thunderbolt registration cros_typec_register_thunderbolt() missed initializing the `adata->lock` mutex. This leads to a NULL dereference when the mutex is later acquired (e.g. in cros_typec_altmode_work()). Initialize the mutex in cros_typec_register_thunderbolt() to fix the issue.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

No EPSS score available.

Key SSVC decision points have not yet been added.

Vendors	Products
Linux	Linux Kernel

No data.

No data.

No data.

References

Link	Providers
https://git.kernel.org/stable/c/23ae72e8c2f1c1d1da8cbd479320ddcfcc9c7435
https://git.kernel.org/stable/c/3b13d5883a097f538fccbab1c61c95546d29621f
https://git.kernel.org/stable/c/525cb7ba6661074c1c5cc3772bccc6afab6791ef

History

Thu, 28 May 2026 10:15:00 +0000

Type	Values Removed	Values Added
Description		In the Linux kernel, the following vulnerability has been resolved: platform/chrome: cros_ec_typec: Init mutex in Thunderbolt registration cros_typec_register_thunderbolt() missed initializing the `adata->lock` mutex. This leads to a NULL dereference when the mutex is later acquired (e.g. in cros_typec_altmode_work()). Initialize the mutex in cros_typec_register_thunderbolt() to fix the issue.
Title		platform/chrome: cros_ec_typec: Init mutex in Thunderbolt registration
First Time appeared		Linux Linux linux Kernel
CPEs		cpe:2.3:o:linux:linux_kernel::::::::
Vendors & Products		Linux Linux linux Kernel
References		https://git.kernel.org/stable/c/23ae72e8c2f1c1d1da8cbd479320ddcfcc9c7435 https://git.kernel.org/stable/c/3b13d5883a097f538fccbab1c61c95546d29621f https://git.kernel.org/stable/c/525cb7ba6661074c1c5cc3772bccc6afab6791ef

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2026-05-28T09:35:48.624Z

Updated: 2026-05-28T09:35:48.624Z

Reserved: 2026-05-13T15:03:33.099Z

Link: CVE-2026-46134

Vulnrichment

No data.

NVD

Status : Received

Published: 2026-05-28T10:16:28.970

Modified: 2026-05-28T10:16:28.970

Link: CVE-2026-46134

Redhat

No data.

OpenCVE Enrichment

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-46134", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2026-05-13T15:03:33.099Z", "datePublished": "2026-05-28T09:35:48.624Z", "dateUpdated": "2026-05-28T09:35:48.624Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2026-05-28T09:35:48.624Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nplatform/chrome: cros_ec_typec: Init mutex in Thunderbolt registration\n\ncros_typec_register_thunderbolt() missed initializing the `adata->lock`\nmutex. This leads to a NULL dereference when the mutex is later\nacquired (e.g. in cros_typec_altmode_work()).\n\nInitialize the mutex in cros_typec_register_thunderbolt() to fix the\nissue."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/platform/chrome/cros_typec_altmode.c"], "versions": [{"version": "3b00be26b16ad72c85624ada08cbae2d2c57b6e9", "lessThan": "23ae72e8c2f1c1d1da8cbd479320ddcfcc9c7435", "status": "affected", "versionType": "git"}, {"version": "3b00be26b16ad72c85624ada08cbae2d2c57b6e9", "lessThan": "3b13d5883a097f538fccbab1c61c95546d29621f", "status": "affected", "versionType": "git"}, {"version": "3b00be26b16ad72c85624ada08cbae2d2c57b6e9", "lessThan": "525cb7ba6661074c1c5cc3772bccc6afab6791ef", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/platform/chrome/cros_typec_altmode.c"], "versions": [{"version": "6.14", "status": "affected"}, {"version": "0", "lessThan": "6.14", "status": "unaffected", "versionType": "semver"}, {"version": "6.18.30", "lessThanOrEqual": "6.18.*", "status": "unaffected", "versionType": "semver"}, {"version": "7.0.7", "lessThanOrEqual": "7.0.*", "status": "unaffected", "versionType": "semver"}, {"version": "7.1-rc3", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.14", "versionEndExcluding": "6.18.30"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.14", "versionEndExcluding": "7.0.7"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.14", "versionEndExcluding": "7.1-rc3"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/23ae72e8c2f1c1d1da8cbd479320ddcfcc9c7435"}, {"url": "https://git.kernel.org/stable/c/3b13d5883a097f538fccbab1c61c95546d29621f"}, {"url": "https://git.kernel.org/stable/c/525cb7ba6661074c1c5cc3772bccc6afab6791ef"}], "title": "platform/chrome: cros_ec_typec: Init mutex in Thunderbolt registration", "x_generator": {"engine": "bippy-1.2.0"}}}}