Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2026-43125

Опубликовано: 06 мая 2026
Источник: nvd
CVSS3: 9.8
EPSS Низкий

Описание

In the Linux kernel, the following vulnerability has been resolved:

dlm: validate length in dlm_search_rsb_tree

The len parameter in dlm_dump_rsb_name() is not validated and comes from network messages. When it exceeds DLM_RESNAME_MAXLEN, it can cause out-of-bounds write in dlm_search_rsb_tree().

Add length validation to prevent potential buffer overflow.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Версия от 3.4 (включая) до 6.12.75 (исключая)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Версия от 6.13 (включая) до 6.18.16 (исключая)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Версия от 6.19 (включая) до 6.19.6 (исключая)

EPSS

Процентиль: 41%
0.00542
Низкий

9.8 Critical

CVSS3

Дефекты

CWE-787

Связанные уязвимости

ubuntu логотип

CVE-2026-43125

CVSS3: 9.8
ubuntu
около 2 месяцев назад

In the Linux kernel, the following vulnerability has been resolved: dlm: validate length in dlm_search_rsb_tree The len parameter in dlm_dump_rsb_name() is not validated and comes from network messages. When it exceeds DLM_RESNAME_MAXLEN, it can cause out-of-bounds write in dlm_search_rsb_tree(). Add length validation to prevent potential buffer overflow.

redhat логотип

CVE-2026-43125

CVSS3: 7
redhat
около 2 месяцев назад

In the Linux kernel, the following vulnerability has been resolved: dlm: validate length in dlm_search_rsb_tree The len parameter in dlm_dump_rsb_name() is not validated and comes from network messages. When it exceeds DLM_RESNAME_MAXLEN, it can cause out-of-bounds write in dlm_search_rsb_tree(). Add length validation to prevent potential buffer overflow.

msrc логотип

CVE-2026-43125

msrc
около 1 месяца назад

dlm: validate length in dlm_search_rsb_tree

debian логотип

CVE-2026-43125

CVSS3: 9.8
debian
около 2 месяцев назад

In the Linux kernel, the following vulnerability has been resolved: d ...

github логотип

GHSA-fr2c-799q-pg3x

CVSS3: 9.8
github
около 2 месяцев назад

In the Linux kernel, the following vulnerability has been resolved: dlm: validate length in dlm_search_rsb_tree The len parameter in dlm_dump_rsb_name() is not validated and comes from network messages. When it exceeds DLM_RESNAME_MAXLEN, it can cause out-of-bounds write in dlm_search_rsb_tree(). Add length validation to prevent potential buffer overflow.

EPSS

Процентиль: 41%
0.00542
Низкий

9.8 Critical

CVSS3

Дефекты

CWE-787