Description
In the Linux kernel, the following vulnerability has been resolved: dlm: validate length in dlm_search_rsb_tree The len parameter in dlm_dump_rsb_name() is not validated and comes from network messages. When it exceeds DLM_RESNAME_MAXLEN, it can cause out-of-bounds write in dlm_search_rsb_tree(). Add length validation to prevent potential buffer overflow.
References (17)
Core 17
Core References
Vendor Advisory
https://access.redhat.com/errata/RHSA-2026:25120
Vendor Advisory
https://access.redhat.com/errata/RHSA-2026:25121
Vendor Advisory
https://access.redhat.com/errata/RHSA-2026:25217
Vendor Advisory
https://access.redhat.com/security/cve/CVE-2026-43125
Vendor Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=2467234
Vendor Advisory
https://access.redhat.com/errata/RHSA-2026:33899
Vendor Advisory
https://access.redhat.com/errata/RHSA-2026:33900
Vendor Advisory
https://access.redhat.com/errata/RHSA-2026:34094
Vendor Advisory
https://access.redhat.com/errata/RHSA-2026:34095
Vendor Advisory
https://access.redhat.com/errata/RHSA-2026:35844
Vendor Advisory
https://access.redhat.com/errata/RHSA-2026:35863
Vendor Advisory
https://access.redhat.com/errata/RHSA-2026:36767
Scores
CVSS v3
9.8
EPSS
0.0043
EPSS Percentile
34.5%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-130
CWE-787
Status
published
Products (18)
linux/Kernel
3.4.0 - 6.12.75linux
linux/Kernel
6.13.0 - 6.18.16linux
linux/Kernel
6.19.0 - 6.19.6linux
Linux/Linux
< 3.4
Linux/Linux
1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - 080e5563f878c64e697b89e7439d730d0daad882
Linux/Linux
1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - 082083c9fbd99422a0370fe2102144a231c9f5d6
Linux/Linux
1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - 5f053a2e7209d326cbbc07738fa6d6893d307438
Linux/Linux
1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - 67288113c5e6cf9e659b4065c0ed6f16100e0c71
Linux/Linux
3.4
Linux/Linux
6.12.75 - 6.12.*
... and 8 more
Published
May 06, 2026
Tracked Since
May 06, 2026