CVE-2026-43491

In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> net: qrtr: ns: Limit the maximum server registration per node<br /> <br /> Current code does no bound checking on the number of servers added per<br /> node. A malicious client can flood NEW_SERVER messages and exhaust memory.<br /> <br /> Fix this issue by limiting the maximum number of server registrations to<br /> 256 per node. If the NEW_SERVER message is received for an old port, then<br /> don&amp;#39;t restrict it as it will get replaced. While at it, also rate limit<br /> the error messages in the failure path of qrtr_ns_worker().<br /> <br /> Note that the limit of 256 is chosen based on the current platform<br /> requirements. If requirement changes in the future, this limit can be<br /> increased.