Out-of-bounds read in Linux kernel - CVE-2026-53151
Published: June 26, 2026
Linux kernel
Detailed vulnerability description
The vulnerability allows a remote attacker to cause a denial of service.
The vulnerability exists due to an out-of-bounds read in rxrpc_input_soft_acks() when parsing the SACK table from a fragmented UDP packet. A remote attacker can send a deliberately fragmented packet to cause a denial of service.
The issue affects AF_RXRPC extended ACK parsing, and exploitation likely requires a deliberately pre-generated fragmented packet.
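The bug class described above, a length-prefixed table read from a packet whose bytes are not contiguous, shown as an added user-space example; it is not kernel code and not the upstream fix. The `frag`/`fragbuf` types, the function names, the one-byte-count layout and the sample bytes are all constructed assumptions for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed model: one datagram held in several non-contiguous pieces. */
struct frag { const uint8_t *data; size_t len; };
struct fragbuf { const struct frag *frags; size_t nfrags; };
/* Copy len bytes from logical offset off; -1 if the range is not fully present. */
static int frag_copy(const struct fragbuf *b, size_t off, uint8_t *dst, size_t len)
{
    for (size_t i = 0; i < b->nfrags && len > 0; i++) {
        const struct frag *f = &b->frags[i];
        if (off >= f->len) { off -= f->len; continue; }
        size_t n = f->len - off;
        if (n > len) n = len;
        memcpy(dst, f->data + off, n);
        dst += n; len -= n; off = 0;
    }
    return len == 0 ? 0 : -1;
}

/* Hypothetical layout: a 1-byte entry count at cnt_off, then that many entries.
 * out must hold 255 bytes. Returns the entry count, or -1 if the table is cut short. */
static int parse_sack_table(const struct fragbuf *b, size_t cnt_off, uint8_t *out)
{
    uint8_t count;
    if (frag_copy(b, cnt_off, &count, 1) < 0)
        return -1;
    if (frag_copy(b, cnt_off + 1, out, count) < 0)
        return -1; /* sender claimed more entries than were received */
    return count;
}

/* Constructed sample: 2 filler bytes, count = 4, entries split across two pieces.
 * tail_len (at most sizeof tail) controls how much of the second piece arrived. */
static const uint8_t head[] = { 0xAA, 0xBB, 4, 1 };
static const uint8_t tail[] = { 0, 1, 1 };
static int parse_sample(size_t tail_len, uint8_t *out)
{
    const struct frag frags[] = { { head, sizeof head }, { tail, tail_len } };
    const struct fragbuf b = { frags, 2 };
    return parse_sack_table(&b, 2, out);
}

int main(void)
{
    uint8_t out[255];
    printf("%d %d\n", parse_sample(3, out), parse_sample(2, out));
}
```

The parser never indexes past the first piece directly: every read goes through the bounds-checked copy, so a count that exceeds the bytes actually received is rejected instead of being read from adjacent memory.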