Description
In the Linux kernel, the following vulnerability has been resolved:

dlm: validate length in dlm_search_rsb_tree

The len parameter in dlm_dump_rsb_name() is not validated and comes
from network messages. When it exceeds DLM_RESNAME_MAXLEN, it can
cause out-of-bounds write in dlm_search_rsb_tree().

Add length validation to prevent potential buffer overflow.
Published: 2026-05-06
Score: 7.0 High
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The Linux kernel Data Lock Manager module accepts a length value sent in network–originated messages without validating it against the defined maximum. When the length surpasses DLM_RESNAME_MAXLEN, the kernel performs an out‑of‑bounds write while searching the RSB tree, which creates a classic buffer overflow that can corrupt kernel memory. Depending on how the kernel code is structured, this memory corruption could allow an attacker to execute arbitrary code with kernel privileges.

Affected Systems

All Linux kernel variants that retain the unpatched DLM implementation are affected. This includes any distribution that ships the default kernel and has not applied the commit introducing length validation. Exact kernel versions are not enumerated, so any kernel built from source containing the vulnerable code before the patch is susceptible.

Risk and Exploitability

Because the vulnerability is remote‑accessible through the DLM network service, an attacker can send a crafted packet containing an oversized length value to trigger the overflow. The CVSS score is 7.0, and EPSS data is unavailable, indicating a high exploitation severity. The vulnerability is not listed in the CISA KEV catalog.

Generated by OpenCVE AI on May 7, 2026 at 02:00 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the kernel update that incorporates the length‑validation commit (080e5563f878c64e697b89e7439d730d0daad882 or equivalent).
  • Reboot the system so the updated kernel is loaded into memory.
  • If an update cannot be applied immediately, block or disable all traffic to the DLM network interface until a patched kernel is installed.

Generated by OpenCVE AI on May 7, 2026 at 02:00 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Thu, 07 May 2026 00:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-130
References
Metrics threat_severity

None

 cvssV3_1

{'score': 7.0, 'vector': 'CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H'}

threat_severity

Important

Wed, 06 May 2026 16:00:00 +0000

Type Values Removed Values Added
Weaknesses CWE-119

Wed, 06 May 2026 12:15:00 +0000

Type Values Removed Values Added
Description In the Linux kernel, the following vulnerability has been resolved: dlm: validate length in dlm_search_rsb_tree The len parameter in dlm_dump_rsb_name() is not validated and comes from network messages. When it exceeds DLM_RESNAME_MAXLEN, it can cause out-of-bounds write in dlm_search_rsb_tree(). Add length validation to prevent potential buffer overflow.
Title dlm: validate length in dlm_search_rsb_tree
First Time appeared Linux
Linux linux Kernel
CPEs cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Vendors & Products Linux
Linux linux Kernel
References

Subscriptions

Linux Linux Kernel
cve-icon MITRE

Status: PUBLISHED

Assigner: Linux

Published:

Updated: 2026-05-06T11:27:10.903Z

Reserved: 2026-05-01T14:12:55.988Z

Link: CVE-2026-43125

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Awaiting Analysis

Published: 2026-05-06T12:16:29.450

Modified: 2026-05-06T13:07:51.607

Link: CVE-2026-43125

cve-icon Redhat

Severity : Important

Publid Date: 2026-05-06T00:00:00Z

Links: CVE-2026-43125 - Bugzilla

cve-icon OpenCVE Enrichment

Updated: 2026-05-07T02:15:18Z

Weaknesses