5.5

CVE-2026-46003

net: qrtr: ns: Limit the total number of nodes

In the Linux kernel, the following vulnerability has been resolved:

net: qrtr: ns: Limit the total number of nodes

Currently, the nameserver doesn't limit the number of nodes it handles.
This can be an attack vector if a malicious client starts registering
random nodes, leading to memory exhaustion.

Hence, limit the maximum number of nodes to 64. Note that, limit of 64 is
chosen based on the current platform requirements. If requirement changes
in the future, this limit can be increased.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 5.7 < 6.6.140
LinuxLinux Kernel Version >= 6.7 < 6.12.86
LinuxLinux Kernel Version >= 6.13 < 6.18.27
LinuxLinux Kernel Version >= 6.19 < 7.0.4
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.12% 0.023
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Es wurden noch keine Informationen zu CWE veröffentlicht.
https://git.kernel.org/stable/c/4c46413661431aa60fb134cd4ecdf8beaa39f824
Patch
https://git.kernel.org/stable/c/4665a29c08e1b36bc9db4814f9dde3d23e8fd1b0
Patch
https://git.kernel.org/stable/c/5cf6d5e5e3b804a44692fbf548a5179442e2e923
Patch
https://git.kernel.org/stable/c/8022876894d09ae485b499058c3357da683bcc5d
Patch
https://git.kernel.org/stable/c/27d5e84e810b0849d08b9aec68e48570461ce313
Patch