目標達成 すべての支援者に感謝 — 100%達成しました!

目標: 1000 CNY · 調達済み: 1336 CNY

100%

CVE-2026-46151— Linux kernel 安全漏洞

AI Predicted 6.5 Difficulty: Moderate EPSS 0.12% · P2

Affected Version Matrix 18

ベンダープロダクトVersion Rangeステータス
LinuxLinux1da177e4c3f41524e886b7f1b8a0c1fc7321cac2< 4650cce898fcd0bb8c33e529984687a8caed10c3affected
1da177e4c3f41524e886b7f1b8a0c1fc7321cac2< 612640abbd9e0947fe8f37aaf0cf324265d7caa4affected
1da177e4c3f41524e886b7f1b8a0c1fc7321cac2< 4220d4dd062ea3d3eb056a6cbe0b568e740d20b1affected
1da177e4c3f41524e886b7f1b8a0c1fc7321cac2< 6e29c32a27218f2dcd4a4e9b0b3c5e7728640698affected
1da177e4c3f41524e886b7f1b8a0c1fc7321cac2< 6d8142141c942c0d8e79343cffda9c44bb1f3f4faffected
1da177e4c3f41524e886b7f1b8a0c1fc7321cac2< 8247f52d822180e94ccbfdab91613af386a4e34daffected
1da177e4c3f41524e886b7f1b8a0c1fc7321cac2< 522d17e93a85575256894212d10e5a1fa6f36529affected
1da177e4c3f41524e886b7f1b8a0c1fc7321cac2< 7a400c6fe3617e31e690e3f7ca37bb335e0498f3affected
… +10 more rows
新しい脆弱性情報の通知を購読するログインして購読

I. CVE-2026-46151の基本情報

脆弱性情報

脆弱性についてご質問がありますか?Shenlongの分析が参考になるかご確認ください!
Shenlongの10の質問を表示 ↗

高度な大規模言語モデル技術を使用していますが、出力には不正確または古い情報が含まれる可能性があります。Shenlongはデータの正確性を確保するよう努めていますが、実際の状況に基づいて検証・判断してください。

脆弱性タイトル
usb: usblp: fix heap leak in IEEE 1284 device ID via short response
ソース: NVD (National Vulnerability Database)
脆弱性説明
In the Linux kernel, the following vulnerability has been resolved: usb: usblp: fix heap leak in IEEE 1284 device ID via short response usblp_ctrl_msg() collapses the usb_control_msg() return value to 0/-errno, discarding the actual number of bytes transferred. A broken printer can complete the GET_DEVICE_ID control transfer short and the driver has no way to know. usblp_cache_device_id_string() reads the 2-byte big-endian length prefix from the response and trusts it (clamped only to the buffer bounds). The buffer is kmalloc(1024) at probe time. A device that sends exactly two bytes (e.g. 0x03 0xFF, claiming a 1023-byte ID) leaves device_id_string[2..1022] holding stale kmalloc heap. That stale data is then exposed: - via the ieee1284_id sysfs attribute (sprintf("%s", buf+2), truncated at the first NUL in the stale heap), and - via the IOCNR_GET_DEVICE_ID ioctl, which copy_to_user()s the full claimed length regardless of NULs, up to 1021 bytes of uninitialized heap, with the leak size chosen by the device. Fix this up by just zapping the buffer with zeros before each request sent to the device.
ソース: NVD (National Vulnerability Database)
CVSS情報
N/A
ソース: NVD (National Vulnerability Database)
脆弱性タイプ
N/A
ソース: NVD (National Vulnerability Database)
脆弱性タイトル
Linux kernel 安全漏洞
ソース: CNNVD (China National Vulnerability Database)
脆弱性説明
Linux kernel是美国Linux基金会的开源操作系统Linux所使用的内核。 Linux kernel存在安全漏洞,该漏洞源于usb usblp中IEEE 1284设备ID响应过短导致堆泄漏,可能暴露未初始化的堆数据。
ソース: CNNVD (China National Vulnerability Database)
CVSS情報
N/A
ソース: CNNVD (China National Vulnerability Database)
脆弱性タイプ
N/A
ソース: CNNVD (China National Vulnerability Database)

影響を受ける製品

ベンダープロダクト影響を受けるバージョンCPE購読
LinuxLinux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 ~ 4650cce898fcd0bb8c33e529984687a8caed10c3 -
LinuxLinux 2.6.12 -

II. CVE-2026-46151の公開POC

#POC説明ソースリンクShenlongリンク
AI生成POCプレミアム

公開POCは見つかりませんでした。

ログインしてAI POCを生成

III. CVE-2026-46151のインテリジェンス情報

登录查看更多情报信息。

CVE-2026-46151 补丁与修复 (8)

Same Patch Batch · Linux · 2026-05-28 · 136 CVEs total

CVE-2026-461359.8 CRITICALnvmet-tcp: fix race between ICReq handling and queue teardown
CVE-2026-461379.8 CRITICALmptcp: pm: ADD_ADDR rtx: fix potential data-race
CVE-2026-461959.8 CRITICALsmb: client: validate dacloffset before building DACL pointers
CVE-2026-461159.8 CRITICALblock: add pgmap check to biovec_phys_mergeable
CVE-2026-461859.1 CRITICALsmb/client: fix out-of-bounds read in symlink_data()
CVE-2026-461199.1 CRITICALlibceph: Fix slab-out-of-bounds access in auth message processing
CVE-2026-461559.1 CRITICALsmb/client: fix out-of-bounds read in smb2_compound_op()
CVE-2026-461748.8 HIGHx86/CPU/AMD: Prevent improper isolation of shared resources in Zen2's op cache
CVE-2026-461988.8 HIGHbatman-adv: fix integer overflow on buff_pos
CVE-2026-461258.8 HIGHwifi: mac80211: remove station if connection prep fails
CVE-2026-461528.8 HIGHwifi: mac80211: drop stray 'static' from fast-RX rx_result
CVE-2026-462388.8 HIGHbatman-adv: stop caching unowned originator pointers in BAT IV
CVE-2026-461138.8 HIGHKVM: x86: Fix shadow paging use-after-free due to unexpected GFN
CVE-2026-462128.8 HIGHbatman-adv: bla: prevent use-after-free when deleting claims
CVE-2026-461668.8 HIGHwifi: mac80211: use safe list iteration in radar detect work
CVE-2026-462328.1 HIGHHID: playstation: Clamp num_touch_reports
CVE-2026-461388.1 HIGHBluetooth: hci_event: Fix OOB read and infinite loop in hci_le_create_big_complete_evt
CVE-2026-461817.8 HIGHRDMA/mlx4: Fix mis-use of RCU in mlx4_srq_event()
CVE-2026-462017.8 HIGHdrm/xe: Fix dma-buf attachment leak in xe_gem_prime_import()
CVE-2026-462107.8 HIGHmedia: iris: fix use-after-free of fmt_src during MBPF check

Showing 20 of 136 CVEs. View all on vendor page →

IV. 関連脆弱性

V. CVE-2026-46151へのコメント

まだコメントはありません


コメントを残す