SB20260529192 - Out-of-bounds read in Linux kernel sw rxe driver
Published: May 29, 2026
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 vulnerability.
1) Out-of-bounds read (CVE-ID: CVE-2026-46114)
CWE-ID: CWE-125 - Out-of-bounds read
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Green
The vulnerability allows a remote attacker to disclose sensitive information.
The vulnerability exists due to an out-of-bounds read in atomic_write_reply() in the RDMA rxe responder when processing a crafted ATOMIC_WRITE request with a zero-length logical payload. A remote attacker can send a specially crafted ATOMIC_WRITE request to disclose sensitive information.
The issue can leak kernel tailroom bytes into the attacker's memory region, including recognizable kernel strings and partial pointer words.
Remediation
Install update from vendor's website.
References
- https://git.kernel.org/stable/c/105bf79a23b85cf3a761d18a4f3e10ce88526bc1
- https://git.kernel.org/stable/c/1114c87aa6f195cf07da55a27b2122ae26557b26
- https://git.kernel.org/stable/c/539cabb7b2d8ba70f55bba91db55faef11c2a6d7
- https://git.kernel.org/stable/c/7ec1ed4747f5f99f8b797bb438c5efd36079fad5
- https://git.kernel.org/stable/c/d415fce3fcde6d7aeea6c25362a395b905811452