目標達成 すべての支援者に感謝 — 100%達成しました!

目標: 1000 CNY · 調達済み: 1336 CNY

100%

CVE-2026-53043— Linux kernel 安全漏洞

CVSS 9.1 · Critical EPSS 0.52% · P40

Affected Version Matrix 18

ベンダープロダクトVersion Rangeステータス
LinuxLinuxea2034416b54700e30371f2ad6517cbb94674083< d3d5efade0c79dac1cac98c0cb1115432f804439affected
ea2034416b54700e30371f2ad6517cbb94674083< f69551139caf6d24242a0ad049ee46b264e3aee0affected
ea2034416b54700e30371f2ad6517cbb94674083< 1f8b91275912cd428289c1fb424bebd7ff5302bdaffected
ea2034416b54700e30371f2ad6517cbb94674083< f37de46149db49abd2b24f4f0c5a88cf4dfb5f47affected
ea2034416b54700e30371f2ad6517cbb94674083< 6c6e8fc3c007319981647b410c29bb5775048551affected
ea2034416b54700e30371f2ad6517cbb94674083< 3f474c33ebc2e2ca3fcb587d7de4375348f13373affected
ea2034416b54700e30371f2ad6517cbb94674083< 3c2d0de23ae4be22b6c18e8f0915be74d3b5fb21affected
ea2034416b54700e30371f2ad6517cbb94674083< 7ab3fbb01bc6d79091bc375e5235d360cd9b78beaffected
… +10 more rows
新しい脆弱性情報の通知を購読するログインして購読

I. CVE-2026-53043の基本情報

脆弱性情報

脆弱性についてご質問がありますか?Shenlongの分析が参考になるかご確認ください!
Shenlongの10の質問を表示 ↗

高度な大規模言語モデル技術を使用していますが、出力には不正確または古い情報が含まれる可能性があります。Shenlongはデータの正確性を確保するよう努めていますが、実際の状況に基づいて検証・判断してください。

脆弱性タイトル
ocfs2/dlm: validate qr_numregions in dlm_match_regions()
ソース: NVD (National Vulnerability Database)
脆弱性説明
In the Linux kernel, the following vulnerability has been resolved: ocfs2/dlm: validate qr_numregions in dlm_match_regions() Patch series "ocfs2/dlm: fix two bugs in dlm_match_regions()". In dlm_match_regions(), the qr_numregions field from a DLM_QUERY_REGION network message is used to drive loops over the qr_regions buffer without sufficient validation. This series fixes two issues: - Patch 1 adds a bounds check to reject messages where qr_numregions exceeds O2NM_MAX_REGIONS. The o2net layer only validates message byte length; it does not constrain field values, so a crafted message can set qr_numregions up to 255 and trigger out-of-bounds reads past the 1024-byte qr_regions buffer. - Patch 2 fixes an off-by-one in the local-vs-remote comparison loop, which uses '<=' instead of '<', reading one entry past the valid range even when qr_numregions is within bounds. This patch (of 2): The qr_numregions field from a DLM_QUERY_REGION network message is used directly as loop bounds in dlm_match_regions() without checking against O2NM_MAX_REGIONS. Since qr_regions is sized for at most O2NM_MAX_REGIONS (32) entries, a crafted message with qr_numregions > 32 causes out-of-bounds reads past the qr_regions buffer. Add a bounds check for qr_numregions before entering the loops.
ソース: NVD (National Vulnerability Database)
CVSS情報
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
ソース: NVD (National Vulnerability Database)
脆弱性タイプ
N/A
ソース: NVD (National Vulnerability Database)
脆弱性タイトル
Linux kernel 安全漏洞
ソース: CNNVD (China National Vulnerability Database)
脆弱性説明
Linux kernel是美国Linux基金会开源的操作系统Linux所使用的内核。 Linux kernel存在安全漏洞,该漏洞源于在dlm_match_regions()中未验证DLM_QUERY_REGION网络消息的qr_numregions字段,导致可能触发越界读取。以下版本受到影响:2.6.37版本。
ソース: CNNVD (China National Vulnerability Database)
CVSS情報
N/A
ソース: CNNVD (China National Vulnerability Database)
脆弱性タイプ
N/A
ソース: CNNVD (China National Vulnerability Database)

影響を受ける製品

ベンダープロダクト影響を受けるバージョンCPE購読
LinuxLinux ea2034416b54700e30371f2ad6517cbb94674083 ~ d3d5efade0c79dac1cac98c0cb1115432f804439 -
LinuxLinux 2.6.37 -

II. CVE-2026-53043の公開POC

#POC説明ソースリンクShenlongリンク
AI生成POCプレミアム

公開POCは見つかりませんでした。

ログインしてAI POCを生成

III. CVE-2026-53043のインテリジェンス情報

登录查看更多情报信息。

CVE-2026-53043 补丁与修复 (8)

Same Patch Batch · Linux · 2026-06-24 · 219 CVEs total

CVE-2026-530109.8 CRITICALksmbd: fix use-after-free in smb2_open during durable reconnect
CVE-2026-529869.8 CRITICALnetfilter: nf_conntrack_sip: don't use simple_strtoul
CVE-2026-529829.8 CRITICALnet: usb: rtl8150: fix use-after-free in rtl8150_start_xmit()
CVE-2026-529899.8 CRITICALnvmet-tcp: propagate nvmet_tcp_build_pdu_iovec() errors to its callers
CVE-2026-530869.8 CRITICALnet: bcmgenet: fix racing timeout handler
CVE-2026-529939.8 CRITICALtipc: fix double-free in tipc_buf_append()
CVE-2026-530459.8 CRITICALmemory: tegra124-emc: Fix dll_change check
CVE-2026-530469.8 CRITICALksmbd: fix use-after-free from async crypto on Qualcomm crypto engine
CVE-2026-529559.8 CRITICALlibceph: Fix potential out-of-bounds access in crush_decode()
CVE-2026-530499.8 CRITICALgfs2: add some missing log locking
CVE-2026-530029.8 CRITICALnetfilter: conntrack: remove sprintf usage
CVE-2026-530889.8 CRITICALnet: bcmgenet: fix off-by-one in bcmgenet_put_txcb
CVE-2026-530559.8 CRITICALcrypto: hisilicon/sec2 - prevent req used-after-free for sec
CVE-2026-529149.8 CRITICALbatman-adv: fix fragment reassembly length accounting
CVE-2026-530069.8 CRITICALipv6: fix possible UAF in icmpv6_rcv()
CVE-2026-529249.8 CRITICALsctp: purge outqueue on stale COOKIE-ECHO handling
CVE-2026-529319.8 CRITICALbatman-adv: tp_meter: avoid use of uninit sender vars
CVE-2026-529589.1 CRITICALlibceph: Fix potential out-of-bounds access in osdmap_decode()
CVE-2026-529999.1 CRITICALnetfilter: nfnetlink_osf: fix out-of-bounds read on option matching
CVE-2026-530758.8 HIGHppp: require CAP_NET_ADMIN in target netns for unattached ioctls

Showing 20 of 219 CVEs. View all on vendor page →

IV. 関連脆弱性

V. CVE-2026-53043へのコメント

まだコメントはありません


コメントを残す