Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
9.8
CVE-2026-43125: Linux Kernel: Network Data Can Cause Data Corruption
CVE-2026-43125
Summary
A vulnerability in the Linux kernel's Distributed Lock Manager (DLM) has been fixed. This issue could cause data corruption if malicious network messages were sent to a system running the DLM. The fix adds a check to prevent this type of attack, and users should ensure their systems are updated with the latest kernel version.
What to do
No fix is available yet. Check with your software vendor for updates.
Affected software
| Vendor | Product | Affected versions |
|---|---|---|
| linux | linux_kernel |
>= 3.4, < 6.12.75 >= 6.13, < 6.18.16 >= 6.19, < 6.19.6 cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* |
Original title
In the Linux kernel, the following vulnerability has been resolved:
dlm: validate length in dlm_search_rsb_tree
The len parameter in dlm_dump_rsb_name() is not validated and comes
from network me...
Original description
In the Linux kernel, the following vulnerability has been resolved:
dlm: validate length in dlm_search_rsb_tree
The len parameter in dlm_dump_rsb_name() is not validated and comes
from network messages. When it exceeds DLM_RESNAME_MAXLEN, it can
cause out-of-bounds write in dlm_search_rsb_tree().
Add length validation to prevent potential buffer overflow.
dlm: validate length in dlm_search_rsb_tree
The len parameter in dlm_dump_rsb_name() is not validated and comes
from network messages. When it exceeds DLM_RESNAME_MAXLEN, it can
cause out-of-bounds write in dlm_search_rsb_tree().
Add length validation to prevent potential buffer overflow.
nvd CVSS3.1
9.8
Vulnerability type
CWE-787
Out-of-bounds Write
Published: 6 May 2026 · Updated: 28 May 2026 · First seen: 8 May 2026