CRITICALCVE-2026-46039Published Modified CNA Linux
CVE-2026-46039: rxgk: Fix potential integer overflow in length check
In the Linux kernel, the following vulnerability has been resolved: rxgk: Fix potential integer overflow in length check Fix potential integer overflow in rxgk_extract_token() when checking the length of the ticket. Rather than rounding up the value to be tested (which might overflow), round down the size of the available data.
Metrics
- CVSS v3.1
- 9.8
- Severity
- CRITICAL
- Fixed in
- 0
- Affected Products
- 2
Fix available
0183d37f12d1c8ed24a5bfc7addad05510da22a9443222ac484f93b3ec2d240a7575e1cedd31f5fa46.176.18.276929350080f4da292d111a3b33e53138fee51cec7.0.47.1-rc1
Affected packages
- Linux / Linux< 43222ac484f93b3ec2d240a7575e1cedd31f5fa4 (from 2429a197648178cd4dc930a9d87c13c547460564) · < 183d37f12d1c8ed24a5bfc7addad05510da22a94 (from 2429a197648178cd4dc930a9d87c13c547460564) · < 6929350080f4da292d111a3b33e53138fee51cec (from 2429a197648178cd4dc930a9d87c13c547460564) · 71571e187106631a8127f2dde780f35caa358d33 · < 6.17 (from 6.16.9)
- Linux / Linux6.17Fixed in 0, 6.18.27, 7.0.4, 7.1-rc1
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H