CVE-2026-45865

NONE EPSS 5.1%
Published May 27, 20261mo ago · Modified Jun 17, 20262w ago
Find Similar
Published May 27, 2026 1mo ago
Last Modified Jun 17, 2026 2w ago

Description

In the Linux kernel, the following vulnerability has been resolved: mctp i2c: initialise event handler read bytes Set a 0xff value for i2c reads of an mctp-i2c device. Otherwise reads will return "val" from the i2c bus driver. For i2c-aspeed and i2c-npcm7xx that is a stack uninitialised u8. Tested with "i2ctransfer -y 1 r10@0x34" where 0x34 is a mctp-i2c instance, now it returns all 0xff.

Threat Intelligence

EPSS Exploit Probability
5.1% percentile
Exploit & Patch Status
No Known Exploit
No Patch Available

References 6

  • git.kernel.org https://git.kernel.org/stable/c/11f83253244060b5de5eac787f61ae3f3e559d01
  • git.kernel.org https://git.kernel.org/stable/c/1eeedb310229bfee9dd4d992e5bba33fe1378a8f
  • git.kernel.org https://git.kernel.org/stable/c/2a14e91b6d76639dac70ea170f4384c1ee3cb48d
  • git.kernel.org https://git.kernel.org/stable/c/6ff2ebfef75fbc57d937d8fbe738b967edf2d331
  • git.kernel.org https://git.kernel.org/stable/c/93e01e837e105299f1c259ef71f6e1ec4fe806e3
  • git.kernel.org https://git.kernel.org/stable/c/fa9861e5c8af7651dddfa8d490aaada17ae33b6c

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.