Incorrect Calculation of Buffer Size in Linux kernel - CVE-2026-45851
Published: May 28, 2026
Vulnerability identifier: #VU132631
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2026-45851
CWE-ID: CWE-131
Exploitation vector: Local access
Exploit availability:
No public exploit available
Vendor: Linux Foundation
Affected software:
Linux kernel
Linux kernel
Detailed vulnerability description
The vulnerability allows a local user to cause a denial of service.
The vulnerability exists due to improper memory reservation in reserve_unaccepted() when handling an unaccepted memory table with an unaligned starting physical address. A local user can trigger the vulnerable code path to cause a denial of service.
The issue was observed when starting Intel TDX virtual machines with specific memory sizes, such as systems with more than 64 GB of memory.
How to mitigate CVE-2026-45851
Install security update from vendor's repository.
Sources
- https://git.kernel.org/stable/c/0862438c90487e79822d5647f854977d50381505
- https://git.kernel.org/stable/c/9b18bf59977f5c5bc3b11b210520f62500a7adf3
- https://git.kernel.org/stable/c/b7bc182ec1846be437351e44164089d988f9d0dd
- https://git.kernel.org/stable/c/ba6b6f1502fa55621d1db23f253d54322bdbe4e0
- https://git.kernel.org/stable/c/e649b5916725c68f44ebf45fb396df563c5dbaf2