CVE-2026-46039

CRITICAL

rxgk: Fix potential integer overflow in length check

Title source: cna
STIX 2.1

Description

In the Linux kernel, the following vulnerability has been resolved: rxgk: Fix potential integer overflow in length check Fix potential integer overflow in rxgk_extract_token() when checking the length of the ticket. Rather than rounding up the value to be tested (which might overflow), round down the size of the available data.

Scores

CVSS v3 9.8
EPSS 0.0044
EPSS Percentile 35.7%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-190
Status published
Products (15)
linux/Kernel 6.17.0 - 6.18.27linux
linux/Kernel 6.19.0 - 7.0.4linux
Linux/Linux < 6.17
Linux/Linux 2429a197648178cd4dc930a9d87c13c547460564 - 183d37f12d1c8ed24a5bfc7addad05510da22a94
Linux/Linux 2429a197648178cd4dc930a9d87c13c547460564 - 43222ac484f93b3ec2d240a7575e1cedd31f5fa4
Linux/Linux 2429a197648178cd4dc930a9d87c13c547460564 - 6929350080f4da292d111a3b33e53138fee51cec
Linux/Linux 6.16.9 - 6.17
Linux/Linux 6.17
Linux/Linux 6.18.27 - 6.18.*
Linux/Linux 7.0.4 - 7.0.*
... and 5 more
Published May 27, 2026
Tracked Since May 27, 2026