SB2026061015 - Incorrect calculation in Linux kernel sw rxe driver



SB2026061015 - Incorrect calculation in Linux kernel sw rxe driver

Published: June 10, 2026

Security Bulletin ID SB2026061015
CSH Severity
Low
Patch available
YES
Number of vulnerabilities 1
Exploitation vector Local access
Highest impact Denial of service

Breakdown by Severity

Low 100%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 1 vulnerability.


1) Incorrect calculation (CVE-ID: CVE-2026-46325)

CWE-ID: CWE-682 - Incorrect Calculation

CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear


The vulnerability allows a local user to cause a denial of service.

The vulnerability exists due to improper memory address conversion in the RDMA RXE memory region handling code when processing memory regions with page sizes different from the system PAGE_SIZE. A local user can register or access a crafted memory region layout to cause a denial of service.

The issue can lead to incorrect iova-to-va translation and a kernel panic.


Remediation

Install update from vendor's website.