Description
In the Linux kernel, the following vulnerability has been resolved: rnbd-srv: Zero the rsp buffer before using it Before using the data buffer to send back the response message, zero it completely. This prevents any stray bytes to be picked up by the client side when there the message is exchanged between different protocol versions.
References (8)
Core 8
Core References
Scores
CVSS v3
7.5
EPSS
0.0044
EPSS Percentile
35.9%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Details
Status
published
Products (34)
linux/Kernel
5.11.0 - 5.15.202linux
linux/Kernel
5.16.0 - 6.1.165linux
linux/Kernel
5.8.0 - 5.10.252linux
linux/Kernel
6.13.0 - 6.18.16linux
linux/Kernel
6.19.0 - 6.19.6linux
linux/Kernel
6.2.0 - 6.6.128linux
linux/Kernel
6.7.0 - 6.12.75linux
Linux/Linux
< 5.8
Linux/Linux
1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - 30868a6a5238849d554295aff3ce61d242d7fad8
Linux/Linux
1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - 69d26698e4fd44935510553809007151b2fe4db5
... and 24 more
Published
May 06, 2026
Tracked Since
May 06, 2026