CVE-2026-46003
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
27/05/2026
Last modified:
19/06/2026
Description
In the Linux kernel, the following vulnerability has been resolved:<br />
<br />
net: qrtr: ns: Limit the total number of nodes<br />
<br />
Currently, the nameserver doesn&#39;t limit the number of nodes it handles.<br />
This can be an attack vector if a malicious client starts registering<br />
random nodes, leading to memory exhaustion.<br />
<br />
Hence, limit the maximum number of nodes to 64. Note that, limit of 64 is<br />
chosen based on the current platform requirements. If requirement changes<br />
in the future, this limit can be increased.
Impact
Base Score 3.x
5.50
Severity 3.x
MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 5.7 (including) | 6.6.140 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 6.7 (including) | 6.12.86 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 6.13 (including) | 6.18.27 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 6.19 (including) | 7.0.4 (excluding) |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- https://git.kernel.org/stable/c/27d5e84e810b0849d08b9aec68e48570461ce313
- https://git.kernel.org/stable/c/4665a29c08e1b36bc9db4814f9dde3d23e8fd1b0
- https://git.kernel.org/stable/c/4c46413661431aa60fb134cd4ecdf8beaa39f824
- https://git.kernel.org/stable/c/5cf6d5e5e3b804a44692fbf548a5179442e2e923
- https://git.kernel.org/stable/c/8022876894d09ae485b499058c3357da683bcc5d
- https://git.kernel.org/stable/c/823310645065bd49666e84af689fa95192819f55
- https://git.kernel.org/stable/c/b703ee903b24974aca4bde99c7d25d66309d35dd
- https://git.kernel.org/stable/c/ed29887286aba96d1930f4ddb9f235f6b421073c



