CVE-2026-46091: Linux Kernel: DMA coherency flaw in igorplugusb driver

AWAITING NVD
Published May 27, 2026
CISO Take

CVE-2026-46091 is a Linux kernel memory-safety bug in the igorplugusb USB infrared receiver driver, where a control request buffer used in DMA operations was not allocated with the coherency guarantees some host controllers require, risking kernel memory corruption or system instability. The assigned AI category of 'llm_api' is a misclassification — this CVE has no AI or ML component whatsoever; it affects an obscure USB peripheral driver found in almost no AI/ML infrastructure. There is no CVSS score, no EPSS data, no public exploit, and no CISA KEV listing, placing exploitation risk at negligible levels. No AI/ML-specific action is needed; apply Linux kernel updates through your standard infrastructure patch cadence.

Sources: NVD, ATLAS

What is the risk?

Negligible risk to AI/ML systems. The vulnerability is confined to the igorplugusb USB infrared remote control driver in the Linux kernel — hardware absent from virtually all AI/ML serving and training environments. Exploitation requires local or physical access to a host with this specific USB device attached and the driver loaded. No CVSS vector, EPSS probability, or active exploitation evidence exists. Even on an affected host, the impact would be kernel instability rather than compromise of any AI/ML component.

Attack Kill Chain

Initial Access (AML.T0112): Attacker gains local or physical access to a Linux host with an igorplugusb USB IR receiver physically attached and the kernel driver loaded.
Exploitation (AML.T0049): A crafted USB control request is issued to the device, triggering the DMA coherency violation in the kernel driver due to improper buffer allocation.
Impact (AML.T0029): Kernel memory corruption or crash destabilizes the host, causing a denial of service that disrupts any AI/ML workloads running on the affected system.

Severity & Risk

CVSS 3.1: N/A
EPSS: N/A
Exploitation Status: No known exploitation
Sophistication: Advanced

What should I do?

  1. Apply upstream Linux kernel stable-branch patches referenced in the five git.kernel.org commits. The fix — allocating the USB request structure separately via kmalloc to satisfy DMA coherency — is already merged. No AI/ML-specific remediation is required. For AI infrastructure operators: (1) ensure standard OS-level kernel patch cadence is in place, (2) verify this driver is not loaded on servers via 'lsmod | grep igorplugusb' if assurance is needed, (3) no detection rules or monitoring changes are warranted given the non-AI nature of this CVE.

Classification

Compliance Impact

This CVE is relevant to:

NIST AI RMF
MANAGE 2.4 - Residual risks to AI system operations are documented and monitored

Frequently Asked Questions

What is CVE-2026-46091?

CVE-2026-46091 is a Linux kernel memory-safety bug in the igorplugusb USB infrared receiver driver, where a control request buffer used in DMA operations was not allocated with the coherency guarantees some host controllers require, risking kernel memory corruption or system instability. The assigned AI category of 'llm_api' is a misclassification — this CVE has no AI or ML component whatsoever; it affects an obscure USB peripheral driver found in almost no AI/ML infrastructure. There is no CVSS score, no EPSS data, no public exploit, and no CISA KEV listing, placing exploitation risk at negligible levels. No AI/ML-specific action is needed; apply Linux kernel updates through your standard infrastructure patch cadence.

Is CVE-2026-46091 actively exploited?

No confirmed active exploitation of CVE-2026-46091 has been reported, but organizations should still patch proactively.

How to fix CVE-2026-46091?

Apply upstream Linux kernel stable-branch patches referenced in the five git.kernel.org commits. The fix — allocating the USB request structure separately via kmalloc to satisfy DMA coherency — is already merged. No AI/ML-specific remediation is required. For AI infrastructure operators: (1) ensure standard OS-level kernel patch cadence is in place, (2) verify this driver is not loaded on servers via 'lsmod | grep igorplugusb' if assurance is needed, (3) no detection rules or monitoring changes are warranted given the non-AI nature of this CVE.
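
The driver check from the remediation step, extended as an added example (not part of the original advisory or the kernel project): besides asking whether igorplugusb is loaded now, it asks whether the module is installed for the running kernel and whether modprobe configuration blocks it. The function names are hypothetical, the default paths are the usual /proc/modules, modules.dep and /etc/modprobe.d locations, and the driver is assumed to be built as a module rather than built in.

```shell
#!/bin/sh
# Added example: classify a host's exposure to the igorplugusb driver.
# File locations are parameters so the check can also be run against copies
# collected from other hosts; the defaults point at the live system.
# Assumption: the driver is built as a loadable module, not into the kernel.

MOD=igorplugusb

# Loaded now? Exact match on the first field of /proc/modules, so a hit in
# another module's "used by" column does not count as loaded.
module_loaded() {
    [ -r "$2" ] && awk -v m="$1" '$1 == m { found = 1 } END { exit !found }' "$2"
}

# Installed for this kernel? modules.dep has one "<path>.ko[.xz|.zst|.gz]:" entry per module.
module_installed() {
    [ -r "$2" ] && grep -Eq "(^|/)$1\.ko(\.[a-z0-9]+)?:" "$2"
}

# Blocked? "blacklist" stops alias-based autoload on hotplug; an
# "install <mod> /bin/false" (or /bin/true) line also stops explicit modprobe.
module_blocked() {
    [ -d "$2" ] && grep -Eqs "^[[:space:]]*(blacklist[[:space:]]+$1|install[[:space:]]+$1[[:space:]]+/bin/(false|true))([[:space:]]|\$)" "$2"/*.conf
}

# Prints one of: loaded | autoloadable | blocked | absent
driver_exposure() {
    proc_modules=${2:-/proc/modules}
    modules_dep=${3:-/lib/modules/$(uname -r)/modules.dep}
    modprobe_d=${4:-/etc/modprobe.d}
    if module_loaded "$1" "$proc_modules"; then
        echo loaded
    elif ! module_installed "$1" "$modules_dep"; then
        echo absent
    elif module_blocked "$1" "$modprobe_d"; then
        echo blocked
    else
        echo autoloadable
    fi
}

driver_exposure "$MOD"
```

A result of autoloadable means the module does not appear in lsmod output now but would load if the receiver were plugged in.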

What systems are affected by CVE-2026-46091?

This vulnerability affects the following AI/ML architecture patterns: Linux-based ML serving infrastructure (only where igorplugusb hardware is present).

What is the CVSS score for CVE-2026-46091?

No CVSS score has been assigned yet.

AI Security Impact

Affected AI Architectures

Linux-based ML serving infrastructure (only where igorplugusb hardware is present)

MITRE ATLAS Techniques

AML.T0112 Machine Compromise

Compliance Controls Affected

NIST AI RMF: MANAGE 2.4

Technical Details

Original Advisory

In the Linux kernel, the following vulnerability has been resolved:

media: rc: igorplugusb: heed coherency rules

In a control request, the USB request structure can be subject to DMA on some HCs. Hence it must obey the rules for DMA coherency. Allocate it separately.

Exploitation Scenario

An attacker with local access to a Linux system — where an igorplugusb USB IR receiver is physically connected — sends a crafted USB control request that triggers the DMA coherency violation during buffer handling. On host controllers that enforce strict DMA coherency (common in ARM and some x86 server platforms), this produces kernel memory corruption, potentially yielding a denial-of-service crash. In an AI/ML context, this would manifest as a host reboot disrupting inference or training workloads, not as a compromise of any AI model, data, or pipeline logic.

Timeline

Published: May 27, 2026
Last Modified: May 27, 2026
First Seen: May 27, 2026
