CRITICAL🇵🇱 Wersja polska

CVE-2026-46039

CVSS 9.8pub. 2026-05-27upd. 2026-06-16

In the Linux kernel, the following vulnerability has been resolved: rxgk: Fix potential integer overflow in length check Fix potential integer overflow in rxgk_extract_token() when checking the length of the ticket. Rather than rounding up the value to be tested (which might overflow), round down the size of the available data.

🤖 AI Analysis
How it works

During ticket length verification in rxgk_extract_token(), the code incorrectly rounded up the tested value, which could lead to integer overflow and bypass of data length validation checks. The patch changes the approach to rounding down the size of available data, which eliminates the overflow risk. Incorrect length validation can result in access to memory outside the designated buffer.

Impact

An attacker may potentially gain unauthorized access to sensitive data, compromise system integrity, or cause its unavailability (respectively: C:H, I:H, A:H according to CVSS vector).

Mitigation & patch

Security patches available from the vendor should be applied according to references — fixes have been published in the Linux kernel stable repository (commits: 183d37f12d1c, 43222ac484f9, 6929350080f4).

Who is affected

Linux kernel containing the rxgk module — specific versions indicated in vendor references (commits available in the kernel stable repository).

Analysis generated by Claude AI (Anthropic) based on NVD data. Always verify with vendor.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Linux Kernel

    OS
    Linux
    6.176.16.9 – 6.17 (bez)6.17.1 – 6.18.27 (bez)6.19 – 7.0.4 (bez)
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2025-10585CRITICAL9.8⚠ KEVPL ✓ten sam produkt

Type confusion w V8 (Google Chrome) — zdalne uszkodzenie sterty

CVE-2025-34028CRITICAL9.3⚠ KEVPL ✓ten sam produkt

Commvault Command Center – nieuwierzytelniony RCE przez path traversal w ZIP

CVE-2022-47986CRITICAL9.8⚠ KEVten sam produkt

IBM Aspera Faspex 4.4.2 Patch Level 1 and earlier could allow a remote attacker to execute arbitrary code on t...

CVE-2022-22954CRITICAL9.8⚠ KEVten sam produkt

VMware Workspace ONE Access and Identity Manager contain a remote code execution vulnerability due to server-s...

CVE-2020-4006CRITICAL9.1⚠ KEVten sam produkt

VMware Workspace One Access, Access Connector, Identity Manager, and Identity Manager Connector address have a...