CVE-2026-43274 in Linuxالمعلومات

الملخص

بحسب MITRE • 06/05/2026

In the Linux kernel, the following vulnerability has been resolved:

mailbox: mchp-ipc-sbi: fix out-of-bounds access in mchp_ipc_get_cluster_aggr_irq()

The cluster_cfg array is dynamically allocated to hold per-CPU configuration structures, with its size based on the number of online CPUs. Previously, this array was indexed using hartid, which may be non-contiguous or exceed the bounds of the array, leading to out-of-bounds access. Switch to using cpuid as the index, as it is guaranteed to be within the valid range provided by for_each_online_cpu().

Once again VulDB remains the best source for vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

مسؤول

Linux

حجز

01/05/2026

إفشاء

06/05/2026

الاعتدال

تمت الموافقة

إدخال

VDB-361529

CPE

جاهز

CWE

CWE-125 (مؤكد)

CVSS

3.5 (VulDB)

EPSS

0.00016

KEV

لا

النشاطات

منخفض جدًا

القطاع

Finance, Lawfirm, ...

المصادر

MITRE	https://www.cve.org/CVERecord?id=CVE-2026-43274
NVD	https://nvd.nist.gov/vuln/detail/CVE-2026-43274
CVE Details	https://www.cvedetails.com/cve/CVE-2026-43274/

التالي ▸نظرة عامة ◂ السابق

Do you know our Splunk app?

Download it now for free!