CVE-2026-46145
Published: May 28, 2026
Modified: May 30, 2026
CVSS v3.1
7.8
Description
In the Linux kernel, the following vulnerability has been resolved: RDMA/mana: Validate rx_hash_key_len Sashiko points out that rx_hash_key_len comes from a uAPI structure and is blindly passed to memcpy, allowing the userspace to trash kernel memory. Bounds check it so the memcpy cannot overflow.
| Vendor | Product | Versions |
|---|---|---|
Linux | Linux | affected 0266a177631d4c6b963b5b12dd986a8c5abdbf06 - < 7d7c9f0fcd19c4d2f0164347c58d49cafa961b72affected 0266a177631d4c6b963b5b12dd986a8c5abdbf06 - < 11c1431d641e0e4e0529e96957995820600c7287affected 0266a177631d4c6b963b5b12dd986a8c5abdbf06 - < 012796f9541fcd0c1fa8ae4da7eb4d83931ef838affected 0266a177631d4c6b963b5b12dd986a8c5abdbf06 - < 7d94f155f354b961c598f71bafa804dceded513faffected 0266a177631d4c6b963b5b12dd986a8c5abdbf06 - < 6dd2d4ad9c8429523b1c220c5132bd551c006425 |
Linux | Linux | affected 6.2unaffected 0 - < 6.2unaffected 6.6.141 - <= 6.6.*unaffected 6.12.88 - <= 6.12.*unaffected 6.18.30 - <= 6.18.*+2 more versions |
CVSS v3.1 Details
CVSS v3.1 Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now