CVE-2026-46078— Linux kernel 安全漏洞
Possible ATT&CK Techniques 1AI
T1207 · Rogue Domain ControllerAffected Version Matrix 18
| ベンダー | プロダクト | Version Range | ステータス |
|---|---|---|---|
| Linux | Linux | 3aa8ec716e52c02360457fa018296629b4d0becf< a8ee527807f7d97e55ce2ef2906f7f34975eb1c7 | affected |
3aa8ec716e52c02360457fa018296629b4d0becf< aa16dca1b062355181ef215229eeac249d7c0d61 | affected | ||
3aa8ec716e52c02360457fa018296629b4d0becf< 80a23c6d1aba35be8746d74ac14e6ba5ae46da21 | affected | ||
3aa8ec716e52c02360457fa018296629b4d0becf< 222055e6b4063abd2d9e13c3d49bbd1724c50789 | affected | ||
3aa8ec716e52c02360457fa018296629b4d0becf< 48b27a955d22391c7f30169fa7b6b2e1977f1ce4 | affected | ||
3aa8ec716e52c02360457fa018296629b4d0becf< 8ebb951a284b7446e025afc7dc5e9516ef9a7214 | affected | ||
3aa8ec716e52c02360457fa018296629b4d0becf< 1d55445226c75ddd4e78b09b3e7d99109b28c366 | affected | ||
3aa8ec716e52c02360457fa018296629b4d0becf< d18a3b5d337fa412a38e776e6b4b857a58836575 | affected | ||
| … +10 more rows | |||
新しい脆弱性情報の通知を購読するログインして購読
I. CVE-2026-46078の基本情報
脆弱性情報
脆弱性についてご質問がありますか?Shenlongの分析が参考になるかご確認ください!
Shenlongの10の質問を表示 ↗ 高度な大規模言語モデル技術を使用していますが、出力には不正確または古い情報が含まれる可能性があります。Shenlongはデータの正確性を確保するよう努めていますが、実際の状況に基づいて検証・判断してください。
脆弱性タイトル
erofs: fix the out-of-bounds nameoff handling for trailing dirents
ソース: NVD (National Vulnerability Database)
脆弱性説明
In the Linux kernel, the following vulnerability has been resolved: erofs: fix the out-of-bounds nameoff handling for trailing dirents Currently we already have boundary-checks for nameoffs, but the trailing dirents are special since the namelens are calculated with strnlen() with unchecked nameoffs. If a crafted EROFS has a trailing dirent with nameoff >= maxsize, maxsize - nameoff can underflow, causing strnlen() to read past the directory block. nameoff0 should also be verified to be a multiple of `sizeof(struct erofs_dirent)` as well [1]. [1] https://sashiko.dev/#/patchset/20260416063511.3173774-1-hsiangkao%40linux.alibaba.com
ソース: NVD (National Vulnerability Database)
CVSS情報
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H
ソース: NVD (National Vulnerability Database)
脆弱性タイプ
N/A
ソース: NVD (National Vulnerability Database)
脆弱性タイトル
Linux kernel 安全漏洞
ソース: CNNVD (China National Vulnerability Database)
脆弱性説明
Linux kernel是美国Linux基金会的开源操作系统Linux所使用的内核。 Linux kernel存在安全漏洞,该漏洞源于erofs中尾部目录项nameoff处理存在越界读取,可能导致读取目录块之外数据。
ソース: CNNVD (China National Vulnerability Database)
CVSS情報
N/A
ソース: CNNVD (China National Vulnerability Database)
脆弱性タイプ
N/A
ソース: CNNVD (China National Vulnerability Database)
影響を受ける製品
II. CVE-2026-46078の公開POC
| # | POC説明 | ソースリンク | Shenlongリンク |
|---|
AI生成POCプレミアム
公開POCは見つかりませんでした。
ログインしてAI POCを生成III. CVE-2026-46078のインテリジェンス情報
请登录查看更多情报信息。
CVE-2026-46078 补丁与修复 (8)
Same Patch Batch · Linux · 2026-05-27 · 275 CVEs total
| CVE-2026-45988 | 9.8 CRITICAL | rxrpc: Fix re-decryption of RESPONSE packets |
| CVE-2026-45898 | 9.8 CRITICAL | RDMA/iwcm: Fix workqueue list corruption by removing work_list |
| CVE-2026-45972 | 9.8 CRITICAL | smb: client: fix potential UAF and double free in smb2_open_file() |
| CVE-2026-46039 | 9.8 CRITICAL | rxgk: Fix potential integer overflow in length check |
| CVE-2026-46043 | 9.1 CRITICAL | RDMA/rxe: Validate pad and ICRC before payload_size() in rxe_rcv |
| CVE-2026-46056 | 8.8 HIGH | Bluetooth: hci_event: fix potential UAF in SSP passkey handlers |
| CVE-2026-45945 | 8.8 HIGH | iommu/vt-d: Fix race condition during PASID entry replacement |
| CVE-2026-45843 | 8.2 HIGH | slip: bound decode() reads against the compressed packet length |
| CVE-2026-46037 | 8.2 HIGH | ipv4: icmp: validate reply type before using icmp_pointers |
| CVE-2026-46010 | 8.1 HIGH | rxrpc: Fix error handling in rxgk_extract_token() |
| CVE-2026-46099 | 8.1 HIGH | net: ipv6: fix NOREF dst use in seg6 and rpl lwtunnels |
| CVE-2026-46076 | 7.9 HIGH | KVM: nSVM: Raise #UD if unhandled VMMCALL isn't intercepted by L1 |
| CVE-2026-45951 | 7.8 HIGH | bpf: Fix a potential use-after-free of BTF object |
| CVE-2026-45929 | 7.8 HIGH | ovpn: fix possible use-after-free in ovpn_net_xmit |
| CVE-2026-46006 | 7.8 HIGH | drm/nouveau: fix u32 overflow in pushbuf reloc bounds check |
| CVE-2026-46058 | 7.8 HIGH | media: amphion: Fix race between m2m job_abort and device_run |
| CVE-2026-46062 | 7.8 HIGH | ntfs3: fix integer overflow in run_unpack() volume boundary check |
| CVE-2026-45878 | 7.8 HIGH | drm/amdkfd: Fix watch_id bounds checking in debug address watch v2 |
| CVE-2026-45956 | 7.8 HIGH | drm/exynos: vidi: use priv->vidi_dev for ctx lookup in vidi_connection_ioctl() |
| CVE-2026-45980 | 7.8 HIGH | accel/amdxdna: Stop job scheduling across aie2_release_resource() |
Showing 20 of 275 CVEs. View all on vendor page →
IV. 関連脆弱性
同じ製品: Linux
- CVE-2026-53277
KVM: arm64: Take the SRCU lock for page table walks in fault - CVE-2026-53276
Bluetooth: ISO: Fix a use-after-free of the hci_conn pointer - CVE-2026-53275
ipv6: mcast: Fix use-after-free when processing MLD queries - CVE-2026-53274
net/smc: fix sleep-inside-lock in __smc_setsockopt() causing - CVE-2026-53273
tee: optee: prevent use-after-free when the client exits bef
同じベンダー: Linux
- CVE-2026-53277
KVM: arm64: Take the SRCU lock for page table walks in fault - CVE-2026-53276
Bluetooth: ISO: Fix a use-after-free of the hci_conn pointer - CVE-2026-53275
ipv6: mcast: Fix use-after-free when processing MLD queries - CVE-2026-53274
net/smc: fix sleep-inside-lock in __smc_setsockopt() causing - CVE-2026-53273
tee: optee: prevent use-after-free when the client exits bef
V. CVE-2026-46078へのコメント
まだコメントはありません