CVE-2026-46331 (GCVE-0-2026-46331)

Vulnerability from cvelistv5 – Published: 2026-06-16 06:26 – Updated: 2026-07-03 12:05
VLAI?
Title
net/sched: fix pedit partial COW leading to page cache corruption
Summary
In the Linux kernel, the following vulnerability has been resolved: net/sched: fix pedit partial COW leading to page cache corruption tcf_pedit_act() computes the COW range for skb_ensure_writable() once before the key loop using tcfp_off_max_hint, but the hint does not account for the runtime header offset added by typed keys. This can leave part of the write region un-COW'd. Fix by moving skb_ensure_writable() inside the per-key loop where the actual write offset is known, and add overflow checking on the offset arithmetic. For negative offsets (e.g. Ethernet header edits at ingress), use skb_cow() to COW the headroom instead. Guard offset_valid() against INT_MIN, where negation is undefined.
CWE
  • CWE-787 - Out-of-bounds Write
  • CWE-190 - Integer Overflow or Wraparound
Assigner
Impacted products
Vendor Product Version
Linux Linux Affected: 8b796475fd7882663a870456466a4fb315cc1bd6 , < 2bec122b9fb91507a758ab5e3e5c4fbe7cb3f61b (git)
Affected: 8b796475fd7882663a870456466a4fb315cc1bd6 , < b198ed4e52580a7238c7c7082f03906f8b310313 (git)
Affected: 8b796475fd7882663a870456466a4fb315cc1bd6 , < 3dee9d0c198faeb95d052c1b94c2958751a28512 (git)
Affected: 8b796475fd7882663a870456466a4fb315cc1bd6 , < 899ee91156e57784090c5565e4f31bd7dbffbc5a (git)
Affected: d0c38a914b0c4c21d553da801003d36979016726 (git)
Affected: 2ec2dd7d51a9320151f275ddbb2b53260fb32ca1 (git)
Affected: abe35bf3be51482593076d516a680d79e5fbc8e1 (git)
Affected: b773640d5bb9e2acfd91e2695717af04d47aa116 (git)
Affected: c19cc520b3d69904e9518d401ad0df7f4702aca0 (git)
Affected: 4.19.244 , < 4.20 (semver)
Affected: 5.4.195 , < 5.5 (semver)
Affected: 5.10.117 , < 5.11 (semver)
Affected: 5.15.41 , < 5.16 (semver)
Affected: 5.17.9 , < 5.18 (semver)
Create a notification for this product.
    Linux Linux Affected: 5.18
Unaffected: 0 , < 5.18 (semver)
Unaffected: 6.12.94 , ≤ 6.12.* (semver)
Unaffected: 6.18.36 , ≤ 6.18.* (semver)
Unaffected: 7.0.13 , ≤ 7.0.* (semver)
Unaffected: 7.1 , ≤ * (original_commit_for_fix)
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-46331",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-06-29T00:00:00+00:00",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-787",
                "description": "CWE-787 Out-of-bounds Write",
                "lang": "en",
                "type": "CWE"
              }
            ]
          },
          {
            "descriptions": [
              {
                "cweId": "CWE-190",
                "description": "CWE-190 Integer Overflow or Wraparound",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-06-30T03:55:32.379Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "references": [
          {
            "tags": [
              "exploit"
            ],
            "url": "https://github.com/sgkdev/packet_edit_meme/tree/main"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      },
      {
        "affected": [
          {
            "cpes": [
              "cpe:/a:redhat:enterprise_linux_nvidia:10::el10"
            ],
            "defaultStatus": "affected",
            "product": "NVIDIA for RHEL 10",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/a:redhat:openshift:4.14::el9"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat OpenShift Container Platform 4.14",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/a:redhat:openshift:4.16::el9"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat OpenShift Container Platform 4.16",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/a:redhat:openshift:4.18::el9"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat OpenShift Container Platform 4.18",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/a:redhat:openshift:4.19::el9"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat OpenShift Container Platform 4.19",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/a:redhat:openshift:4.20::el9"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat OpenShift Container Platform 4.20",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/a:redhat:openshift:4.21::el9"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat OpenShift Container Platform 4.21",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/a:redhat:openshift:4.22::el9"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat OpenShift Container Platform 4.22",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/o:redhat:enterprise_linux_eus:10.0"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/o:redhat:enterprise_linux:10.2"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat Enterprise Linux AppStream (v. 10)",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/a:redhat:rhel_e4s:9.2::appstream"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat Enterprise Linux AppStream E4S (v.9.2)",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/a:redhat:rhel_e4s:9.4::appstream"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat Enterprise Linux AppStream E4S (v.9.4)",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/a:redhat:rhel_eus:9.6::appstream"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat Enterprise Linux AppStream EUS (v.9.6)",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/a:redhat:enterprise_linux:9::appstream"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat Enterprise Linux AppStream (v. 9)",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/o:redhat:enterprise_linux_eus:10.0"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat Enterprise Linux BaseOS EUS (v. 10.0)",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/o:redhat:enterprise_linux:10.2"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat Enterprise Linux BaseOS (v. 10)",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/o:redhat:enterprise_linux:8::baseos"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat Enterprise Linux BaseOS (v. 8)",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/o:redhat:rhel_aus:8.4::baseos"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat Enterprise Linux BaseOS AUS (v.8.4)",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/o:redhat:rhel_eus_long_life:8.4::baseos"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat Enterprise Linux BaseOS EUS EXTENSION (v.8.4)",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/o:redhat:rhel_aus:8.6::baseos"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat Enterprise Linux BaseOS AUS (v.8.6)",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/o:redhat:rhel_eus_long_life:8.6::baseos"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat Enterprise Linux BaseOS EUS EXTENSION (v.8.6)",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/o:redhat:rhel_e4s:8.8::baseos"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat Enterprise Linux BaseOS E4S (v.8.8)",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/o:redhat:rhel_tus:8.8::baseos"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat Enterprise Linux BaseOS TUS (v.8.8)",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/o:redhat:rhel_e4s:9.2::baseos"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/o:redhat:rhel_e4s:9.4::baseos"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat Enterprise Linux BaseOS E4S (v.9.4)",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/o:redhat:rhel_eus:9.6::baseos"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat Enterprise Linux BaseOS EUS (v.9.6)",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/o:redhat:enterprise_linux:9::baseos"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat Enterprise Linux BaseOS (v. 9)",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/o:redhat:enterprise_linux_eus:10.0"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0)",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/o:redhat:enterprise_linux:10.2"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/a:redhat:enterprise_linux:8::crb"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat Enterprise Linux CRB (v. 8)",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/a:redhat:rhel_eus:9.6::crb"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat CodeReady Linux Builder EUS (v.9.6)",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/a:redhat:enterprise_linux:9::crb"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/o:redhat:enterprise_linux_eus:10.0"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat Enterprise Linux Real Time for NFV EUS (v. 10.0)",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/o:redhat:enterprise_linux:10.2"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat Enterprise Linux Real Time for NFV (v. 10)",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/a:redhat:enterprise_linux:8::nfv"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat Enterprise Linux NFV (v. 8)",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/a:redhat:rhel_e4s:9.2::nfv"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat Enterprise Linux Real Time for NFV E4S (v.9.2)",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/a:redhat:rhel_e4s:9.4::nfv"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat Enterprise Linux Real Time for NFV E4S (v.9.4)",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/a:redhat:rhel_eus:9.6::nfv"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat Enterprise Linux Real Time for NFV EUS (v.9.6)",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/a:redhat:enterprise_linux:9::nfv"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat Enterprise Linux Real Time for NFV (v. 9)",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/o:redhat:enterprise_linux_eus:10.0"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat Enterprise Linux Real Time EUS (v. 10.0)",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/o:redhat:enterprise_linux:10.2"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat Enterprise Linux Real Time (v. 10)",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/a:redhat:enterprise_linux:8::realtime"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat Enterprise Linux RT (v. 8)",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/a:redhat:rhel_e4s:9.2::realtime"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat Enterprise Linux Real Time E4S (v.9.2)",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/a:redhat:rhel_e4s:9.4::realtime"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat Enterprise Linux Real Time E4S (v.9.4)",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/a:redhat:rhel_eus:9.6::realtime"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat Enterprise Linux Real Time EUS (v.9.6)",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/a:redhat:enterprise_linux:9::realtime"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat Enterprise Linux Real Time (v. 9)",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/o:redhat:enterprise_linux:10"
            ],
            "defaultStatus": "unaffected",
            "product": "Red Hat Enterprise Linux 10",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/o:redhat:enterprise_linux:6"
            ],
            "defaultStatus": "unaffected",
            "product": "Red Hat Enterprise Linux 6",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/o:redhat:enterprise_linux:7"
            ],
            "defaultStatus": "unaffected",
            "product": "Red Hat Enterprise Linux 7",
            "vendor": "Red Hat"
          }
        ],
        "datePublic": "2026-05-18T04:04:00.000Z",
        "descriptions": [
          {
            "lang": "en",
            "value": "A flaw was found in the Linux kernel\u0027s traffic control packet editing (pedit) subsystem. In tcf_pedit_act(), the copy-on-write (COW) range for skb_ensure_writable() is computed once before iterating over edit keys, but the calculation does not account for runtime header offsets added by typed keys. This can leave part of the target write region without a proper copy-on-write, leading to an out-of-bounds write that corrupts page cache memory. A local attacker with the ability to configure traffic control rules could exploit this to escalate privileges or crash the system."
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "namespace": "https://access.redhat.com/security/updates/classification/",
                "value": "Important"
              },
              "type": "Red Hat severity rating"
            }
          },
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "LOCAL",
              "availabilityImpact": "HIGH",
              "baseScore": 6.7,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "HIGH",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
              "version": "3.1"
            },
            "format": "CVSS"
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-787",
                "description": "Out-of-bounds Write",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-07-03T12:05:02.449Z",
          "orgId": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
          "shortName": "redhat-SADP"
        },
        "references": [
          {
            "tags": [
              "vdb-entry",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/security/cve/CVE-2026-46331"
          },
          {
            "name": "RHBZ#2479492",
            "tags": [
              "issue-tracking",
              "x_refsource_REDHAT"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2479492"
          },
          {
            "tags": [
              "x_sadp-csaf-vex"
            ],
            "url": "https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-46331.json"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:27709"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:33666"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:28887"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:29080"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:29856"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:29863"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:29799"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:29833"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:29794"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:27731"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:27288"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:27705"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:27713"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:27708"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:27789"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:33225"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:27353"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:33220"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:27707"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:27704"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:27355"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:33219"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:33221"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:33222"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:33223"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:33224"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:27354"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:27706"
          }
        ],
        "solutions": [
          {
            "lang": "en",
            "value": "RHSA-2026:27709: NVIDIA for RHEL 10"
          },
          {
            "lang": "en",
            "value": "RHSA-2026:33666: NVIDIA for RHEL 10"
          },
          {
            "lang": "en",
            "value": "RHSA-2026:28887: Red Hat OpenShift Container Platform 4.14"
          },
          {
            "lang": "en",
            "value": "RHSA-2026:29080: Red Hat OpenShift Container Platform 4.16"
          },
          {
            "lang": "en",
            "value": "RHSA-2026:29856: Red Hat OpenShift Container Platform 4.18"
          },
          {
            "lang": "en",
            "value": "RHSA-2026:29863: Red Hat OpenShift Container Platform 4.19"
          },
          {
            "lang": "en",
            "value": "RHSA-2026:29799: Red Hat OpenShift Container Platform 4.20"
          },
          {
            "lang": "en",
            "value": "RHSA-2026:29833: Red Hat OpenShift Container Platform 4.21"
          },
          {
            "lang": "en",
            "value": "RHSA-2026:29794: Red Hat OpenShift Container Platform 4.22"
          },
          {
            "lang": "en",
            "value": "RHSA-2026:27731: Red Hat Enterprise Linux AppStream EUS (v. 10.0), Red Hat Enterprise Linux BaseOS EUS (v. 10.0), Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0), Red Hat Enterprise Linux Real Time EUS (v. 10.0), Red Hat Enterprise Linux Real Time for NFV EUS (v. 10.0)"
          },
          {
            "lang": "en",
            "value": "RHSA-2026:27288: Red Hat Enterprise Linux AppStream (v. 10), Red Hat Enterprise Linux BaseOS (v. 10), Red Hat Enterprise Linux CodeReady Linux Builder (v. 10), Red Hat Enterprise Linux Real Time (v. 10), Red Hat Enterprise Linux Real Time for NFV (v. 10)"
          },
          {
            "lang": "en",
            "value": "RHSA-2026:27705: Red Hat Enterprise Linux AppStream E4S (v.9.2), Red Hat Enterprise Linux BaseOS E4S (v.9.2)"
          },
          {
            "lang": "en",
            "value": "RHSA-2026:27713: Red Hat Enterprise Linux AppStream E4S (v.9.4), Red Hat Enterprise Linux BaseOS E4S (v.9.4), Red Hat Enterprise Linux Real Time E4S (v.9.4), Red Hat Enterprise Linux Real Time for NFV E4S (v.9.4)"
          },
          {
            "lang": "en",
            "value": "RHSA-2026:27708: Red Hat CodeReady Linux Builder EUS (v.9.6), Red Hat Enterprise Linux AppStream EUS (v.9.6), Red Hat Enterprise Linux BaseOS EUS (v.9.6), Red Hat Enterprise Linux Real Time EUS (v.9.6), Red Hat Enterprise Linux Real Time for NFV EUS (v.9.6)"
          },
          {
            "lang": "en",
            "value": "RHSA-2026:27789: Red Hat Enterprise Linux AppStream (v. 9), Red Hat Enterprise Linux BaseOS (v. 9), Red Hat Enterprise Linux CodeReady Linux Builder (v. 9), Red Hat Enterprise Linux Real Time (v. 9), Red Hat Enterprise Linux Real Time for NFV (v. 9)"
          },
          {
            "lang": "en",
            "value": "RHSA-2026:33225: Red Hat Enterprise Linux BaseOS (v. 10)"
          },
          {
            "lang": "en",
            "value": "RHSA-2026:27353: Red Hat Enterprise Linux BaseOS (v. 8), Red Hat Enterprise Linux CRB (v. 8)"
          },
          {
            "lang": "en",
            "value": "RHSA-2026:33220: Red Hat Enterprise Linux BaseOS (v. 8)"
          },
          {
            "lang": "en",
            "value": "RHSA-2026:27707: Red Hat Enterprise Linux BaseOS AUS (v.8.4), Red Hat Enterprise Linux BaseOS EUS EXTENSION (v.8.4)"
          },
          {
            "lang": "en",
            "value": "RHSA-2026:27704: Red Hat Enterprise Linux BaseOS AUS (v.8.6), Red Hat Enterprise Linux BaseOS EUS EXTENSION (v.8.6)"
          },
          {
            "lang": "en",
            "value": "RHSA-2026:27355: Red Hat Enterprise Linux BaseOS E4S (v.8.8), Red Hat Enterprise Linux BaseOS TUS (v.8.8)"
          },
          {
            "lang": "en",
            "value": "RHSA-2026:33219: Red Hat Enterprise Linux BaseOS E4S (v.8.8)"
          },
          {
            "lang": "en",
            "value": "RHSA-2026:33221: Red Hat Enterprise Linux BaseOS E4S (v.9.2)"
          },
          {
            "lang": "en",
            "value": "RHSA-2026:33222: Red Hat Enterprise Linux BaseOS E4S (v.9.4)"
          },
          {
            "lang": "en",
            "value": "RHSA-2026:33223: Red Hat Enterprise Linux BaseOS EUS (v.9.6)"
          },
          {
            "lang": "en",
            "value": "RHSA-2026:33224: Red Hat Enterprise Linux BaseOS (v. 9)"
          },
          {
            "lang": "en",
            "value": "RHSA-2026:27354: Red Hat Enterprise Linux NFV (v. 8), Red Hat Enterprise Linux RT (v. 8)"
          },
          {
            "lang": "en",
            "value": "RHSA-2026:27706: Red Hat Enterprise Linux Real Time E4S (v.9.2), Red Hat Enterprise Linux Real Time for NFV E4S (v.9.2)"
          }
        ],
        "timeline": [
          {
            "lang": "en",
            "time": "2026-05-18T06:17:23.219Z",
            "value": "Reported to Red Hat."
          },
          {
            "lang": "en",
            "time": "2026-05-18T04:04:00.000Z",
            "value": "Made public."
          }
        ],
        "title": "kernel: net/sched: act_pedit: extend the writable skb range per key",
        "workarounds": [
          {
            "lang": "en",
            "value": "See the security bulletin for a detailed mitigation procedure."
          }
        ],
        "x_adpType": "supplier",
        "x_generator": {
          "engine": "sadp-cli 1.0.0"
        }
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "include/net/tc_act/tc_pedit.h",
            "net/sched/act_pedit.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "2bec122b9fb91507a758ab5e3e5c4fbe7cb3f61b",
              "status": "affected",
              "version": "8b796475fd7882663a870456466a4fb315cc1bd6",
              "versionType": "git"
            },
            {
              "lessThan": "b198ed4e52580a7238c7c7082f03906f8b310313",
              "status": "affected",
              "version": "8b796475fd7882663a870456466a4fb315cc1bd6",
              "versionType": "git"
            },
            {
              "lessThan": "3dee9d0c198faeb95d052c1b94c2958751a28512",
              "status": "affected",
              "version": "8b796475fd7882663a870456466a4fb315cc1bd6",
              "versionType": "git"
            },
            {
              "lessThan": "899ee91156e57784090c5565e4f31bd7dbffbc5a",
              "status": "affected",
              "version": "8b796475fd7882663a870456466a4fb315cc1bd6",
              "versionType": "git"
            },
            {
              "status": "affected",
              "version": "d0c38a914b0c4c21d553da801003d36979016726",
              "versionType": "git"
            },
            {
              "status": "affected",
              "version": "2ec2dd7d51a9320151f275ddbb2b53260fb32ca1",
              "versionType": "git"
            },
            {
              "status": "affected",
              "version": "abe35bf3be51482593076d516a680d79e5fbc8e1",
              "versionType": "git"
            },
            {
              "status": "affected",
              "version": "b773640d5bb9e2acfd91e2695717af04d47aa116",
              "versionType": "git"
            },
            {
              "status": "affected",
              "version": "c19cc520b3d69904e9518d401ad0df7f4702aca0",
              "versionType": "git"
            },
            {
              "lessThan": "4.20",
              "status": "affected",
              "version": "4.19.244",
              "versionType": "semver"
            },
            {
              "lessThan": "5.5",
              "status": "affected",
              "version": "5.4.195",
              "versionType": "semver"
            },
            {
              "lessThan": "5.11",
              "status": "affected",
              "version": "5.10.117",
              "versionType": "semver"
            },
            {
              "lessThan": "5.16",
              "status": "affected",
              "version": "5.15.41",
              "versionType": "semver"
            },
            {
              "lessThan": "5.18",
              "status": "affected",
              "version": "5.17.9",
              "versionType": "semver"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "include/net/tc_act/tc_pedit.h",
            "net/sched/act_pedit.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.18"
            },
            {
              "lessThan": "5.18",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.12.*",
              "status": "unaffected",
              "version": "6.12.94",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.18.*",
              "status": "unaffected",
              "version": "6.18.36",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "7.0.*",
              "status": "unaffected",
              "version": "7.0.13",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "7.1",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.12.94",
                  "versionStartIncluding": "5.18",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.18.36",
                  "versionStartIncluding": "5.18",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "7.0.13",
                  "versionStartIncluding": "5.18",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "7.1",
                  "versionStartIncluding": "5.18",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionStartIncluding": "4.19.244",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionStartIncluding": "5.4.195",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionStartIncluding": "5.10.117",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionStartIncluding": "5.15.41",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionStartIncluding": "5.17.9",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: fix pedit partial COW leading to page cache corruption\n\ntcf_pedit_act() computes the COW range for skb_ensure_writable()\nonce before the key loop using tcfp_off_max_hint, but the hint does\nnot account for the runtime header offset added by typed keys. This\ncan leave part of the write region un-COW\u0027d.\n\nFix by moving skb_ensure_writable() inside the per-key loop where\nthe actual write offset is known, and add overflow checking on the\noffset arithmetic. For negative offsets (e.g. Ethernet header edits\nat ingress), use skb_cow() to COW the headroom instead. Guard\noffset_valid() against INT_MIN, where negation is undefined."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-06-28T06:36:22.892Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/2bec122b9fb91507a758ab5e3e5c4fbe7cb3f61b"
        },
        {
          "url": "https://git.kernel.org/stable/c/b198ed4e52580a7238c7c7082f03906f8b310313"
        },
        {
          "url": "https://git.kernel.org/stable/c/3dee9d0c198faeb95d052c1b94c2958751a28512"
        },
        {
          "url": "https://git.kernel.org/stable/c/899ee91156e57784090c5565e4f31bd7dbffbc5a"
        }
      ],
      "title": "net/sched: fix pedit partial COW leading to page cache corruption",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2026-46331",
    "datePublished": "2026-06-16T06:26:21.066Z",
    "dateReserved": "2026-05-13T15:03:33.112Z",
    "dateUpdated": "2026-07-03T12:05:02.449Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2",
  "vulnerability-lookup:meta": {
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"kernel: net/sched: act_pedit: extend the writable skb range per key\", \"metrics\": [{\"other\": {\"type\": \"Red Hat severity rating\", \"content\": {\"value\": \"Important\", \"namespace\": \"https://access.redhat.com/security/updates/classification/\"}}}, {\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 6.7, \"attackVector\": \"LOCAL\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"HIGH\", \"confidentialityImpact\": \"HIGH\"}}], \"affected\": [{\"cpes\": [\"cpe:/a:redhat:enterprise_linux_nvidia:10::el10\"], \"vendor\": \"Red Hat\", \"product\": \"NVIDIA for RHEL 10\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift:4.14::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Container Platform 4.14\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift:4.16::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Container Platform 4.16\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift:4.18::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Container Platform 4.18\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift:4.20::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Container Platform 4.20\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift:4.21::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Container Platform 4.21\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift:4.22::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Container Platform 4.22\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux_eus:10.0\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux AppStream EUS (v. 10.0)\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux:10.2\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux AppStream (v. 10)\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:rhel_e4s:9.2::appstream\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux AppStream E4S (v.9.2)\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:rhel_e4s:9.4::appstream\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux AppStream E4S (v.9.4)\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:rhel_eus:9.6::appstream\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux AppStream EUS (v.9.6)\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:enterprise_linux:9::appstream\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux AppStream (v. 9)\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux_eus:10.0\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux BaseOS EUS (v. 10.0)\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux:10.2\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux BaseOS (v. 10)\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux:8::baseos\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux BaseOS (v. 8)\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:rhel_aus:8.4::baseos\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux BaseOS AUS (v.8.4)\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:rhel_eus_long_life:8.4::baseos\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux BaseOS EUS EXTENSION (v.8.4)\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:rhel_aus:8.6::baseos\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux BaseOS AUS (v.8.6)\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:rhel_eus_long_life:8.6::baseos\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux BaseOS EUS EXTENSION (v.8.6)\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:rhel_e4s:8.8::baseos\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux BaseOS E4S (v.8.8)\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:rhel_tus:8.8::baseos\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux BaseOS TUS (v.8.8)\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:rhel_e4s:9.2::baseos\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux BaseOS E4S (v.9.2)\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:rhel_e4s:9.4::baseos\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux BaseOS E4S (v.9.4)\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:rhel_eus:9.6::baseos\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux BaseOS EUS (v.9.6)\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux:9::baseos\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux BaseOS (v. 9)\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux_eus:10.0\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0)\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux:10.2\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:enterprise_linux:8::crb\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux CRB (v. 8)\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:rhel_eus:9.6::crb\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat CodeReady Linux Builder EUS (v.9.6)\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:enterprise_linux:9::crb\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux_eus:10.0\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux Real Time for NFV EUS (v. 10.0)\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux:10.2\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux Real Time for NFV (v. 10)\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:enterprise_linux:8::nfv\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux NFV (v. 8)\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:rhel_e4s:9.2::nfv\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux Real Time for NFV E4S (v.9.2)\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:rhel_e4s:9.4::nfv\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux Real Time for NFV E4S (v.9.4)\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:rhel_eus:9.6::nfv\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux Real Time for NFV EUS (v.9.6)\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:enterprise_linux:9::nfv\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux Real Time for NFV (v. 9)\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux_eus:10.0\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux Real Time EUS (v. 10.0)\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux:10.2\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux Real Time (v. 10)\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:enterprise_linux:8::realtime\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux RT (v. 8)\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:rhel_e4s:9.2::realtime\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux Real Time E4S (v.9.2)\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:rhel_e4s:9.4::realtime\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux Real Time E4S (v.9.4)\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:rhel_eus:9.6::realtime\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux Real Time EUS (v.9.6)\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:enterprise_linux:9::realtime\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux Real Time (v. 9)\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux:10\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 10\", \"defaultStatus\": \"unaffected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux:6\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 6\", \"defaultStatus\": \"unaffected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux:7\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 7\", \"defaultStatus\": \"unaffected\"}], \"timeline\": [{\"lang\": \"en\", \"time\": \"2026-05-18T06:17:23.219Z\", \"value\": \"Reported to Red Hat.\"}, {\"lang\": \"en\", \"time\": \"2026-05-18T04:04:00.000Z\", \"value\": \"Made public.\"}], \"solutions\": [{\"lang\": \"en\", \"value\": \"RHSA-2026:27709: NVIDIA for RHEL 10\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:33666: NVIDIA for RHEL 10\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:28887: Red Hat OpenShift Container Platform 4.14\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:29080: Red Hat OpenShift Container Platform 4.16\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:29856: Red Hat OpenShift Container Platform 4.18\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:29799: Red Hat OpenShift Container Platform 4.20\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:29833: Red Hat OpenShift Container Platform 4.21\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:29794: Red Hat OpenShift Container Platform 4.22\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:27731: Red Hat Enterprise Linux AppStream EUS (v. 10.0), Red Hat Enterprise Linux BaseOS EUS (v. 10.0), Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0), Red Hat Enterprise Linux Real Time EUS (v. 10.0), Red Hat Enterprise Linux Real Time for NFV EUS (v. 10.0)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:27288: Red Hat Enterprise Linux AppStream (v. 10), Red Hat Enterprise Linux BaseOS (v. 10), Red Hat Enterprise Linux CodeReady Linux Builder (v. 10), Red Hat Enterprise Linux Real Time (v. 10), Red Hat Enterprise Linux Real Time for NFV (v. 10)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:27705: Red Hat Enterprise Linux AppStream E4S (v.9.2), Red Hat Enterprise Linux BaseOS E4S (v.9.2)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:27713: Red Hat Enterprise Linux AppStream E4S (v.9.4), Red Hat Enterprise Linux BaseOS E4S (v.9.4), Red Hat Enterprise Linux Real Time E4S (v.9.4), Red Hat Enterprise Linux Real Time for NFV E4S (v.9.4)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:27708: Red Hat CodeReady Linux Builder EUS (v.9.6), Red Hat Enterprise Linux AppStream EUS (v.9.6), Red Hat Enterprise Linux BaseOS EUS (v.9.6), Red Hat Enterprise Linux Real Time EUS (v.9.6), Red Hat Enterprise Linux Real Time for NFV EUS (v.9.6)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:27789: Red Hat Enterprise Linux AppStream (v. 9), Red Hat Enterprise Linux BaseOS (v. 9), Red Hat Enterprise Linux CodeReady Linux Builder (v. 9), Red Hat Enterprise Linux Real Time (v. 9), Red Hat Enterprise Linux Real Time for NFV (v. 9)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:33225: Red Hat Enterprise Linux BaseOS (v. 10)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:27353: Red Hat Enterprise Linux BaseOS (v. 8), Red Hat Enterprise Linux CRB (v. 8)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:33220: Red Hat Enterprise Linux BaseOS (v. 8)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:27707: Red Hat Enterprise Linux BaseOS AUS (v.8.4), Red Hat Enterprise Linux BaseOS EUS EXTENSION (v.8.4)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:27704: Red Hat Enterprise Linux BaseOS AUS (v.8.6), Red Hat Enterprise Linux BaseOS EUS EXTENSION (v.8.6)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:27355: Red Hat Enterprise Linux BaseOS E4S (v.8.8), Red Hat Enterprise Linux BaseOS TUS (v.8.8)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:33219: Red Hat Enterprise Linux BaseOS E4S (v.8.8)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:33221: Red Hat Enterprise Linux BaseOS E4S (v.9.2)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:33222: Red Hat Enterprise Linux BaseOS E4S (v.9.4)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:33223: Red Hat Enterprise Linux BaseOS EUS (v.9.6)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:33224: Red Hat Enterprise Linux BaseOS (v. 9)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:27354: Red Hat Enterprise Linux NFV (v. 8), Red Hat Enterprise Linux RT (v. 8)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:27706: Red Hat Enterprise Linux Real Time E4S (v.9.2), Red Hat Enterprise Linux Real Time for NFV E4S (v.9.2)\"}], \"x_adpType\": \"supplier\", \"datePublic\": \"2026-05-18T04:04:00.000Z\", \"references\": [{\"url\": \"https://access.redhat.com/security/cve/CVE-2026-46331\", \"tags\": [\"vdb-entry\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=2479492\", \"name\": \"RHBZ#2479492\", \"tags\": [\"issue-tracking\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-46331.json\", \"tags\": [\"x_sadp-csaf-vex\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:27709\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:33666\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:28887\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:29080\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:29856\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:29799\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:29833\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:29794\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:27731\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:27288\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:27705\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:27713\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:27708\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:27789\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:33225\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:27353\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:33220\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:27707\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:27704\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:27355\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:33219\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:33221\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:33222\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:33223\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:33224\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:27354\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:27706\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}], \"workarounds\": [{\"lang\": \"en\", \"value\": \"See the security bulletin for a detailed mitigation procedure.\"}], \"x_generator\": {\"engine\": \"sadp-cli 1.0.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"A flaw was found in the Linux kernel\u0027s traffic control packet editing (pedit) subsystem. In tcf_pedit_act(), the copy-on-write (COW) range for skb_ensure_writable() is computed once before iterating over edit keys, but the calculation does not account for runtime header offsets added by typed keys. This can leave part of the target write region without a proper copy-on-write, leading to an out-of-bounds write that corrupts page cache memory. A local attacker with the ability to configure traffic control rules could exploit this to escalate privileges or crash the system.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-787\", \"description\": \"Out-of-bounds Write\"}]}], \"providerMetadata\": {\"orgId\": \"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\", \"shortName\": \"redhat-SADP\", \"dateUpdated\": \"2026-07-02T12:05:11.224Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2026-46331\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"poc\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2026-06-29T14:06:32.936055Z\"}}}], \"references\": [{\"url\": \"https://github.com/sgkdev/packet_edit_meme/tree/main\", \"tags\": [\"exploit\"]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-787\", \"description\": \"CWE-787 Out-of-bounds Write\"}]}, {\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-190\", \"description\": \"CWE-190 Integer Overflow or Wraparound\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2026-06-29T14:06:24.170Z\"}}], \"cna\": {\"title\": \"net/sched: fix pedit partial COW leading to page cache corruption\", \"metrics\": [{\"cvssV3_1\": {\"version\": \"3.1\", \"baseScore\": 7.8, \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\"}}], \"affected\": [{\"repo\": \"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git\", \"vendor\": \"Linux\", \"product\": \"Linux\", \"versions\": [{\"status\": \"affected\", \"version\": \"8b796475fd7882663a870456466a4fb315cc1bd6\", \"lessThan\": \"2bec122b9fb91507a758ab5e3e5c4fbe7cb3f61b\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"8b796475fd7882663a870456466a4fb315cc1bd6\", \"lessThan\": \"b198ed4e52580a7238c7c7082f03906f8b310313\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"8b796475fd7882663a870456466a4fb315cc1bd6\", \"lessThan\": \"3dee9d0c198faeb95d052c1b94c2958751a28512\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"8b796475fd7882663a870456466a4fb315cc1bd6\", \"lessThan\": \"899ee91156e57784090c5565e4f31bd7dbffbc5a\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"d0c38a914b0c4c21d553da801003d36979016726\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"2ec2dd7d51a9320151f275ddbb2b53260fb32ca1\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"abe35bf3be51482593076d516a680d79e5fbc8e1\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"b773640d5bb9e2acfd91e2695717af04d47aa116\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"c19cc520b3d69904e9518d401ad0df7f4702aca0\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"4.19.244\", \"lessThan\": \"4.20\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"5.4.195\", \"lessThan\": \"5.5\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"5.10.117\", \"lessThan\": \"5.11\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"5.15.41\", \"lessThan\": \"5.16\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"5.17.9\", \"lessThan\": \"5.18\", \"versionType\": \"semver\"}], \"programFiles\": [\"include/net/tc_act/tc_pedit.h\", \"net/sched/act_pedit.c\"], \"defaultStatus\": \"unaffected\"}, {\"repo\": \"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git\", \"vendor\": \"Linux\", \"product\": \"Linux\", \"versions\": [{\"status\": \"affected\", \"version\": \"5.18\"}, {\"status\": \"unaffected\", \"version\": \"0\", \"lessThan\": \"5.18\", \"versionType\": \"semver\"}, {\"status\": \"unaffected\", \"version\": \"6.12.94\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"6.12.*\"}, {\"status\": \"unaffected\", \"version\": \"6.18.36\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"6.18.*\"}, {\"status\": \"unaffected\", \"version\": \"7.0.13\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.0.*\"}, {\"status\": \"unaffected\", \"version\": \"7.1\", \"versionType\": \"original_commit_for_fix\", \"lessThanOrEqual\": \"*\"}], \"programFiles\": [\"include/net/tc_act/tc_pedit.h\", \"net/sched/act_pedit.c\"], \"defaultStatus\": \"affected\"}], \"references\": [{\"url\": \"https://git.kernel.org/stable/c/2bec122b9fb91507a758ab5e3e5c4fbe7cb3f61b\"}, {\"url\": \"https://git.kernel.org/stable/c/b198ed4e52580a7238c7c7082f03906f8b310313\"}, {\"url\": \"https://git.kernel.org/stable/c/3dee9d0c198faeb95d052c1b94c2958751a28512\"}, {\"url\": \"https://git.kernel.org/stable/c/899ee91156e57784090c5565e4f31bd7dbffbc5a\"}], \"x_generator\": {\"engine\": \"bippy-1.2.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"In the Linux kernel, the following vulnerability has been resolved:\\n\\nnet/sched: fix pedit partial COW leading to page cache corruption\\n\\ntcf_pedit_act() computes the COW range for skb_ensure_writable()\\nonce before the key loop using tcfp_off_max_hint, but the hint does\\nnot account for the runtime header offset added by typed keys. This\\ncan leave part of the write region un-COW\u0027d.\\n\\nFix by moving skb_ensure_writable() inside the per-key loop where\\nthe actual write offset is known, and add overflow checking on the\\noffset arithmetic. For negative offsets (e.g. Ethernet header edits\\nat ingress), use skb_cow() to COW the headroom instead. Guard\\noffset_valid() against INT_MIN, where negation is undefined.\"}], \"cpeApplicability\": [{\"nodes\": [{\"negate\": false, \"cpeMatch\": [{\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"6.12.94\", \"versionStartIncluding\": \"5.18\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"6.18.36\", \"versionStartIncluding\": \"5.18\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"7.0.13\", \"versionStartIncluding\": \"5.18\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"7.1\", \"versionStartIncluding\": \"5.18\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionStartIncluding\": \"4.19.244\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionStartIncluding\": \"5.4.195\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionStartIncluding\": \"5.10.117\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionStartIncluding\": \"5.15.41\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionStartIncluding\": \"5.17.9\"}], \"operator\": \"OR\"}]}], \"providerMetadata\": {\"orgId\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"shortName\": \"Linux\", \"dateUpdated\": \"2026-06-28T06:36:22.892Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2026-46331\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-07-02T12:05:11.224Z\", \"dateReserved\": \"2026-05-13T15:03:33.112Z\", \"assignerOrgId\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"datePublished\": \"2026-06-16T06:26:21.066Z\", \"assignerShortName\": \"Linux\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading…

Loading…

Loading…

Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.


Loading…

Detection rules are retrieved from Rulezet.

Loading…

Loading…