CVE-2026-43210
MEDIUM EPSS 2.8%
Published May 6, 20261mo ago · Modified Jun 17, 20261w ago
5.5 CVSS 3.1
Published May 6, 2026 1mo ago
Last Modified Jun 17, 2026 1w ago
Description
In the Linux kernel, the following vulnerability has been resolved: tracing: ring-buffer: Fix to check event length before using Check the event length before adding it for accessing next index in rb_read_data_buffer(). Since this function is used for validating possibly broken ring buffers, the length of the event could be broken. In that case, the new event (e + len) can point a wrong address. To avoid invalid memory access at boot, check whether the length of each event is in the possible range before using it.
CVSS Details
Base Score
Exploitability
Impact
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability High
Threat Intelligence
EPSS Exploit Probability
2.8% percentile
Exploit & Patch Status
No Known Exploit
Patch Available
Affected Products 3
References 4
- git.kernel.org https://git.kernel.org/stable/c/5026010110a5ad2268d8c23e1e286ab7c736f7ac
- git.kernel.org https://git.kernel.org/stable/c/912b0ee248c529a4f45d1e7f568dc1adddbf2a4a
- git.kernel.org https://git.kernel.org/stable/c/9eb80e54494ef1efef8a64bec4ffa672c9cf411e
- git.kernel.org https://git.kernel.org/stable/c/b4700c089a10f89de3a5149d57f8a58306458982
Remediation
- git.kernel.org https://git.kernel.org/stable/c/5026010110a5ad2268d8c23e1e286ab7c736f7ac
- git.kernel.org https://git.kernel.org/stable/c/912b0ee248c529a4f45d1e7f568dc1adddbf2a4a
- git.kernel.org https://git.kernel.org/stable/c/9eb80e54494ef1efef8a64bec4ffa672c9cf411e
- git.kernel.org https://git.kernel.org/stable/c/b4700c089a10f89de3a5149d57f8a58306458982