CVE-2026-46039 PUBLISHED

rxgk: Fix potential integer overflow in length check

Assigner: Linux
Reserved: 13.05.2026 Published: 27.05.2026 Updated: 27.05.2026

In the Linux kernel, the following vulnerability has been resolved:

rxgk: Fix potential integer overflow in length check

Fix potential integer overflow in rxgk_extract_token() when checking the length of the ticket. Rather than rounding up the value to be tested (which might overflow), round down the size of the available data.

Product Status

Vendor Linux
Product Linux
Versions Default: unaffected
  • affected from 2429a197648178cd4dc930a9d87c13c547460564 to 43222ac484f93b3ec2d240a7575e1cedd31f5fa4 (excl.)
  • affected from 2429a197648178cd4dc930a9d87c13c547460564 to 183d37f12d1c8ed24a5bfc7addad05510da22a94 (excl.)
  • affected from 2429a197648178cd4dc930a9d87c13c547460564 to 6929350080f4da292d111a3b33e53138fee51cec (excl.)
  • Version 71571e187106631a8127f2dde780f35caa358d33 is affected
  • affected from 6.16.9 to 6.17 (excl.)
Vendor Linux
Product Linux
Versions Default: affected
  • Version 6.17 is affected
  • unaffected from 0 to 6.17 (excl.)
  • unaffected from 6.18.27 to 6.18.* (incl.)
  • unaffected from 7.0.4 to 7.0.* (incl.)
  • unaffected from 7.1-rc1 to * (incl.)

References