CVE-2026-46130

Severity CVSS v4.0:

Pending analysis

Type:

Unavailable / Other

Publication date:

28/05/2026

Last modified:

28/05/2026

Description

In the Linux kernel, the following vulnerability has been resolved: dm-verity-fec: fix reading parity bytes split across blocks (take 3) fec_decode_bufs() assumes that the parity bytes of the first RS codeword it decodes are never split across parity blocks. This assumption is false. Consider v->fec->block_size == 4096 && v->fec->roots == 17 && fio->nbufs == 1, for example. In that case, each call to fec_decode_bufs() consumes v->fec->roots * (fio->nbufs

Impact

References to Advisories, Solutions, and Tools

https://git.kernel.org/stable/c/3d1b4e2d8ac0a1a1390a117f61ce0ca1c47e3bcb
https://git.kernel.org/stable/c/430a05cb926f6bdf53e81460a2c3a553257f3f61