{"@context":"https://openvex.dev/ns/v0.2.0","@id":"https://database.harborguard.co/cve/CVE-2026-46316/vex.json","author":"HarborGuard Database","role":"Document Creator","timestamp":"2026-06-14T04:30:10.361Z","version":1,"tooling":"HarborGuard Database (https://database.harborguard.co)","statements":[{"vulnerability":{"name":"CVE-2026-46316","@id":"https://www.cve.org/CVERecord?id=CVE-2026-46316","description":"In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: arm64: vgic-its: Drop the translation cache reference only for the erased entry\n\nvgic_its_invalidate_cache() walks the per-ITS translation cache with\nxa_for_each() and drops the cache's reference on each entry with\nvgic_put_irq(). It puts the iterated pointer, though, rather than the\nvalue returned by xa_erase().\n\nThe function is called from contexts that do not exclude one another: the\nITS command handlers hold its_lock, "},"products":[{"@id":"cpe:2.3:a:linux:linux:*:*:*:*:*:*:*:*","identifiers":{"cpe23":"cpe:2.3:a:linux:linux:*:*:*:*:*:*:*:*"}},{"@id":"cpe:2.3:a:linux:linux:6.10:*:*:*:*:*:*:*","identifiers":{"cpe23":"cpe:2.3:a:linux:linux:6.10:*:*:*:*:*:*:*"}}],"status":"affected","action_statement":"Update to a fixed version: 0, 13031fb6b8357fbbcded2a7f4cba73e4781ee594, 2bbc395e81bd29c543a0529a678327e932a7ec69, 6.12.93, 6.18.35, 7.0.12, 7.1-rc7, 9121f4605ab94969f62d1b5714ca3c6c69bd202f, b7b72e88046328c9fdc638fe887d4240257dd5dc.","timestamp":"2026-06-14T04:30:10.361Z"}]}