5.5
CVE-2026-43210
- EPSS 0.13%
- Veröffentlicht 06.05.2026 11:28:13
- Zuletzt bearbeitet 11.05.2026 19:58:20
- Quelle 416baaa9-dc9f-4396-8d5f-8c081f
- CVE-Watchlists
- Unerledigt
tracing: ring-buffer: Fix to check event length before using
In the Linux kernel, the following vulnerability has been resolved: tracing: ring-buffer: Fix to check event length before using Check the event length before adding it for accessing next index in rb_read_data_buffer(). Since this function is used for validating possibly broken ring buffers, the length of the event could be broken. In that case, the new event (e + len) can point a wrong address. To avoid invalid memory access at boot, check whether the length of each event is in the possible range before using it.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version >= 6.12 < 6.12.75
Linux ≫ Linux Kernel Version >= 6.13 < 6.18.16
Linux ≫ Linux Kernel Version >= 6.19 < 6.19.6
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.13% | 0.027 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.5 | 1.8 | 3.6 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
|
https://git.kernel.org/stable/c/b4700c089a10f89de3a5149d57f8a58306458982
https://git.kernel.org/stable/c/5026010110a5ad2268d8c23e1e286ab7c736f7ac
https://git.kernel.org/stable/c/9eb80e54494ef1efef8a64bec4ffa672c9cf411e
https://git.kernel.org/stable/c/912b0ee248c529a4f45d1e7f568dc1adddbf2a4a