7.8
CVE-2026-45896
- EPSS 0.16%
- Veröffentlicht 27.05.2026 12:17:06
- Zuletzt bearbeitet 25.06.2026 21:09:48
- Quelle 416baaa9-dc9f-4396-8d5f-8c081f
- CVE-Watchlists
- Unerledigt
mtd: intel-dg: Fix accessing regions before setting nregions
In the Linux kernel, the following vulnerability has been resolved: mtd: intel-dg: Fix accessing regions before setting nregions The regions array is counted by nregions, but it's set only after accessing it: [] UBSAN: array-index-out-of-bounds in drivers/mtd/devices/mtd_intel_dg.c:750:15 [] index 0 is out of range for type '<unknown> [*]' Fix it by also fixing an undesired behavior: the loop silently ignores ENOMEM and continues setting the other entries.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version >= 6.17 < 6.18.14
Linux ≫ Linux Kernel Version >= 6.19 < 6.19.4
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.16% | 0.057 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.8 | 1.8 | 5.9 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
|
CWE-129 Improper Validation of Array Index
The product uses untrusted input when calculating or using an array index, but the product does not validate or incorrectly validates the index to ensure the index references a valid position within the array.
https://git.kernel.org/stable/c/721bd22bcf45a63ebd9bd0f478ef721b45cc5383
https://git.kernel.org/stable/c/d58fca8513414b15387460b14a7a0a30405b9c9e
https://git.kernel.org/stable/c/779c59274d03cc5c07237a2c845dfb71cff77705