9.8
Linux kernel: Unvalidated network input causes potential buffer overflow
DEBIAN-CVE-2026-43125
Summary
A bug in the Linux kernel's Distributed Lock Manager (DLM) could allow an attacker to send malicious network messages that crash the system or make it behave unexpectedly. The issue has been fixed in a recent update. To stay secure, keep your Linux system up to date with the latest kernel version.
What to do
- Debian 13: update the linux package to version 6.12.85-1.
- Debian 14: update the linux package to version 6.19.6-1.
Affected software
| Ecosystem | Vendor | Product | Affected versions |
|---|---|---|---|
| Debian:11 | debian | linux | All versions |
| Debian:12 | debian | linux | All versions |
| Debian:13 | debian | linux | < 6.12.85-1 (fix: upgrade to 6.12.85-1) |
| Debian:14 | debian | linux | < 6.19.6-1 (fix: upgrade to 6.19.6-1) |
Original title
In the Linux kernel, the following vulnerability has been resolved: dlm: validate length in dlm_search_rsb_tree The len parameter in dlm_dump_rsb_name() is not validated and comes from network me...
Original description
In the Linux kernel, the following vulnerability has been resolved:

dlm: validate length in dlm_search_rsb_tree

The len parameter in dlm_dump_rsb_name() is not validated and comes from network messages. When it exceeds DLM_RESNAME_MAXLEN, it can cause out-of-bounds write in dlm_search_rsb_tree(). Add length validation to prevent potential buffer overflow.
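The class of check the description calls for, as an added userspace illustration that is not the kernel's code or the actual patch: a sender-declared name length is validated against the fixed buffer size and against the bytes actually received before it is copied. `struct rsb_key` and `rsb_key_from_message()` are hypothetical names, and rejecting zero-length names is this sketch's own choice; `DLM_RESNAME_MAXLEN` is defined locally with the value the kernel's uapi header uses.

```c
#include <errno.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Same value as the kernel's DLM_RESNAME_MAXLEN (uapi dlmconstants.h). */
#define DLM_RESNAME_MAXLEN 64

/* Hypothetical stand-in for a lookup key with a fixed-size name buffer. */
struct rsb_key {
    char name[DLM_RESNAME_MAXLEN];
    int  len;
};

/*
 * Hypothetical receive-side helper: build a lookup key from a resource
 * name carried in a network message.
 *   payload, payload_len: bytes actually received after the header
 *   claimed_len:          name length declared by the sender (untrusted)
 * Returns 0 on success, -EINVAL if the declared length is unusable.
 */
int rsb_key_from_message(struct rsb_key *key, const unsigned char *payload,
                         size_t payload_len, int claimed_len)
{
    /* Reject non-positive lengths before any conversion to size_t. */
    if (claimed_len <= 0)
        return -EINVAL;
    /* Upper bound: the copy must fit the fixed-size destination. */
    if (claimed_len > DLM_RESNAME_MAXLEN)
        return -EINVAL;
    /* Source bound: never read past what was actually received. */
    if ((size_t)claimed_len > payload_len)
        return -EINVAL;

    memset(key->name, 0, sizeof(key->name));
    memcpy(key->name, payload, (size_t)claimed_len);
    key->len = claimed_len;
    return 0;
}

int main(void)
{
    /* Constructed sample input: a 10-byte name, then an oversized claim. */
    const unsigned char msg[] = "resource01";
    struct rsb_key key;

    printf("len 10 -> %d\n", rsb_key_from_message(&key, msg, 10, 10));
    printf("len 65 -> %d\n", rsb_key_from_message(&key, msg, 10, 65));
    return 0;
}
```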
CVSS 3.1 (OSV): 9.8
- https://security-tracker.debian.org/tracker/CVE-2026-43125 Vendor Advisory
Published: 6 May 2026 · Updated: 9 May 2026 · First seen: 9 May 2026