{"@context":"https://openvex.dev/ns/v0.2.0","@id":"https://database.harborguard.co/cve/CVE-2026-46304/vex.json","author":"HarborGuard Database","role":"Document Creator","timestamp":"2026-06-14T04:30:05.308Z","version":1,"tooling":"HarborGuard Database (https://database.harborguard.co)","statements":[{"vulnerability":{"name":"CVE-2026-46304","@id":"https://www.cve.org/CVERecord?id=CVE-2026-46304","description":"In the Linux kernel, the following vulnerability has been resolved:\n\nnvmet: avoid recursive nvmet-wq flush in nvmet_ctrl_free\n\nnvmet_tcp_release_queue_work() runs on nvmet-wq and can drop the\nfinal controller reference through nvmet_cq_put(). If that triggers\nnvmet_ctrl_free(), the teardown path flushes ctrl->async_event_work on\nthe same nvmet-wq.\n\nCall chain:\n\n nvmet_tcp_schedule_release_queue()\n   kref_put(&queue->kref, nvmet_tcp_release_queue)\n     nvmet_tcp_release_queue()\n       queue_work("},"products":[{"@id":"cpe:2.3:a:linux:linux:*:*:*:*:*:*:*:*","identifiers":{"cpe23":"cpe:2.3:a:linux:linux:*:*:*:*:*:*:*:*"}},{"@id":"cpe:2.3:a:linux:linux:4.10:*:*:*:*:*:*:*","identifiers":{"cpe23":"cpe:2.3:a:linux:linux:4.10:*:*:*:*:*:*:*"}}],"status":"affected","action_statement":"Update to a fixed version: 0, 4.10, 5.10.258, 5.15.209, 551f445a56a11a6457550cddcf39c9ebb8bcacc6, 6.1.175, 6.6.140, 6.12.88, 6.18.30, 7.0.7, 7.1-rc2, 781f47d641432c26c19625b2cdd7f40825097592, 8d66ba89480ff098a58d79003a505f383aa4e920, 9a4d7222c0955b221e38bb66d10e6bccb672c8a1, a696fbbd5240b4ac9b166f7bd4c550882ff543f1, aade8abd8b868b6ffa9697aadaea28ec7f65bee6, ae5b0cad163833e10b271e9becc05d81dae56e5f, ee6e20c4bc9eae542a0954a368449532383169d4.","timestamp":"2026-06-14T04:30:05.308Z"}]}