SB2026060406 - Improper Check or Handling of Exceptional Conditions in Linux kernel ethernet ibm driver
Published: June 4, 2026
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 vulnerability.
1) Improper Check or Handling of Exceptional Conditions (CVE-ID: CVE-2026-46273)
CWE-ID: CWE-703 - Improper Check or Handling of Exceptional Conditions
CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows a local user to cause a denial of service.
The vulnerability exists due to improper handling of segmentation offload constraints in ibmveth when processing gso packets with a small mss. A local user can send specially crafted packets to cause a denial of service.
The issue is triggered when the hardware performs segmentation with more than one segment and an MSS smaller than 224 bytes; single-segment GSO packets do not trigger the affected code path.
Remediation
Install update from vendor's website.
References
- https://git.kernel.org/stable/c/1cdf5dbcec988d06f5f720bdf89e91073f77fa10
- https://git.kernel.org/stable/c/3af24f0c4c31f18a4a2d927990759194832bb6e9
- https://git.kernel.org/stable/c/82bc89fbb82d9396fb4eaee8720ea85e2e787957
- https://git.kernel.org/stable/c/86fc64584811d43c9ccd74447de58620189d8b77
- https://git.kernel.org/stable/c/9a5e984d7af910e46dcbed3ce77873e000a4f77d
- https://git.kernel.org/stable/c/c1f261863e65b508f37416dfbc5c5d911c9b9233
- https://git.kernel.org/stable/c/cc427d24ac6442ffdeafd157a63c7c5b73ed4de4
- https://git.kernel.org/stable/c/db8012c631cb845e9ae2b4b531e17d86c9519755