CVE-2026-46027
Published: May 27, 2026
Modified: Jun 1, 2026
CVSS v3.1
7.5
Description
In the Linux kernel, the following vulnerability has been resolved: net/smc: avoid early lgr access in smc_clc_wait_msg A CLC decline can be received while the handshake is still in an early stage, before the connection has been associated with a link group. The decline handling in smc_clc_wait_msg() updates link-group level sync state for first-contact declines, but that state only exists after link group setup has completed. Guard the link-group update accordingly and keep the per-socket peer diagnosis handling unchanged. This preserves the existing sync_err handling for established link-group contexts and avoids touching link-group state before it is available.
| Vendor | Product | Versions |
|---|---|---|
Linux | Linux | affected 0cfdd8f92cac01afbb12e4500514036a2b78756b - < 257cdf0c5ced9c0fba8aba501d94b0a5fcef2086affected 0cfdd8f92cac01afbb12e4500514036a2b78756b - < 22546729b96fc873b23065dc49e3d73c45cfb874affected 0cfdd8f92cac01afbb12e4500514036a2b78756b - < 5eedbfd82c2884e0010fdfb3c9446a6ebcadb691affected 0cfdd8f92cac01afbb12e4500514036a2b78756b - < f0858e1d5624bb120b198f2a8528f97a9b0ae069affected 0cfdd8f92cac01afbb12e4500514036a2b78756b - < 6180a296ca65b08a81914805cbc0f78da5f10a1f+3 more versions |
Linux | Linux | affected 4.11unaffected 0 - < 4.11unaffected 5.10.258 - <= 5.10.*unaffected 5.15.209 - <= 5.15.*unaffected 6.1.175 - <= 6.1.*+5 more versions |
CVSS v3.1 Details
CVSS v3.1 Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now