SB2026061015 - Incorrect calculation in Linux kernel sw rxe driver
Published: June 10, 2026
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 vulnerability.
1) Incorrect calculation (CVE-ID: CVE-2026-46325)
CWE-ID: CWE-682 - Incorrect Calculation
CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows a local user to cause a denial of service.
The vulnerability exists due to improper memory address conversion in the RDMA RXE memory region handling code when processing memory regions with page sizes different from the system PAGE_SIZE. A local user can register or access a crafted memory region layout to cause a denial of service.
The issue can lead to incorrect iova-to-va translation and a kernel panic.
Remediation
Install update from vendor's website.