7.8
CVE-2026-46145
- EPSS 0.14%
- Veröffentlicht 28.05.2026 09:36:01
- Zuletzt bearbeitet 30.06.2026 03:20:09
- Quelle 416baaa9-dc9f-4396-8d5f-8c081f
- CVE-Watchlists
- Unerledigt
RDMA/mana: Validate rx_hash_key_len
In the Linux kernel, the following vulnerability has been resolved: RDMA/mana: Validate rx_hash_key_len Sashiko points out that rx_hash_key_len comes from a uAPI structure and is blindly passed to memcpy, allowing the userspace to trash kernel memory. Bounds check it so the memcpy cannot overflow.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version >= 6.2 < 6.6.141
Linux ≫ Linux Kernel Version >= 6.7 < 6.12.88
Linux ≫ Linux Kernel Version >= 6.13 < 6.18.30
Linux ≫ Linux Kernel Version >= 6.19 < 7.0.7
Linux ≫ Linux Kernel Version7.1 Updaterc1
Linux ≫ Linux Kernel Version7.1 Updaterc2
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.14% | 0.039 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| 416baaa9-dc9f-4396-8d5f-8c081fb06d67 | 7.8 | 1.8 | 5.9 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
|
| 0b0ca135-0b70-47e7-9f44-1890c2a1c46c | 7 | 1 | 5.9 |
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
|
CWE-787 Out-of-bounds Write
The product writes data past the end, or before the beginning, of the intended buffer.
https://git.kernel.org/stable/c/7d7c9f0fcd19c4d2f0164347c58d49cafa961b72
https://git.kernel.org/stable/c/11c1431d641e0e4e0529e96957995820600c7287
https://git.kernel.org/stable/c/012796f9541fcd0c1fa8ae4da7eb4d83931ef838
https://git.kernel.org/stable/c/7d94f155f354b961c598f71bafa804dceded513f
https://git.kernel.org/stable/c/6dd2d4ad9c8429523b1c220c5132bd551c006425
https://access.redhat.com/errata/RHSA-2026:27353
https://access.redhat.com/errata/RHSA-2026:27354
https://access.redhat.com/errata/RHSA-2026:27789
https://access.redhat.com/errata/RHSA-2026:30129
https://access.redhat.com/security/cve/CVE-2026-46145
https://bugzilla.redhat.com/show_bug.cgi?id=2482581
https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-46145.json