Invokable Control Element in Multi-Thread Context with non-Final Static Storable or Member Element The advisory has been revoked - it doesn't affect any version of package kernel  (opens in a new tab)


Threat Intelligence

EPSS
0.16% (6th percentile)

Do your applications use this vulnerable package?

In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.

Test your applications
  • Snyk IDSNYK-RHEL10-KERNEL-17352467
  • published17 Jun 2026
  • disclosed28 May 2026

Introduced: 28 May 2026

CVE-2026-46152  (opens in a new tab)
CWE-1058  (opens in a new tab)

Amendment

The Red Hat security team deemed this advisory irrelevant for RHEL:10.

NVD Description

Note: Versions mentioned in the description apply only to the upstream kernel package and not the kernel package as distributed by RHEL.

In the Linux kernel, the following vulnerability has been resolved:

wifi: mac80211: drop stray 'static' from fast-RX rx_result

ieee80211_invoke_fast_rx() is documented as safe for parallel RX, but its per-invocation rx_result is declared static. Concurrent callers then share one instance and can overwrite each other's result between ieee80211_rx_mesh_data() and the switch on res.

That can make a packet that was queued or consumed by ieee80211_rx_mesh_data() fall through into ieee80211_rx_8023(), or make a packet that should continue return as queued.

Make res an automatic variable so each invocation keeps its own result.