CRITICALCVE-2026-43125Published Modified CNA Linux
CVE-2026-43125: dlm: validate length in dlm_search_rsb_tree
In the Linux kernel, the following vulnerability has been resolved: dlm: validate length in dlm_search_rsb_tree The len parameter in dlm_dump_rsb_name() is not validated and comes from network messages. When it exceeds DLM_RESNAME_MAXLEN, it can cause out-of-bounds write in dlm_search_rsb_tree(). Add length validation to prevent potential buffer overflow.
Metrics
- CVSS v3.1
- 9.8
- Severity
- CRITICAL
- Fixed in
- 0
- Affected Products
- 2
Fix available
0080e5563f878c64e697b89e7439d730d0daad882082083c9fbd99422a0370fe2102144a231c9f5d65f053a2e7209d326cbbc07738fa6d6893d3074386.12.756.18.166.19.667288113c5e6cf9e659b4065c0ed6f16100e0c717.0
Affected packages
- Linux / Linux< 67288113c5e6cf9e659b4065c0ed6f16100e0c71 (from 7210cb7a72a22303cdb225bd1aea28697a17bbae) · < 082083c9fbd99422a0370fe2102144a231c9f5d6 (from 7210cb7a72a22303cdb225bd1aea28697a17bbae) · < 5f053a2e7209d326cbbc07738fa6d6893d307438 (from 7210cb7a72a22303cdb225bd1aea28697a17bbae) · < 080e5563f878c64e697b89e7439d730d0daad882 (from 7210cb7a72a22303cdb225bd1aea28697a17bbae)
- Linux / Linux3.4Fixed in 0, 6.12.75, 6.18.16, 6.19.6, 7.0
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H