Description
In the Linux kernel, the following vulnerability has been resolved:

rxgk: Fix potential integer overflow in length check

Fix potential integer overflow in rxgk_extract_token() when checking the
length of the ticket. Rather than rounding up the value to be tested
(which might overflow), round down the size of the available data.
Published: 2026-05-27
Score: 7.0 High
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The rxgk_extract_token() function in the Linux kernel contains a potential integer overflow in the check on the length of a ticket. The original code rounded up the value being tested, and that rounding could overflow, so the check could accept a length that exceeds the limits of the provided data and corrupt kernel memory. The patch instead rounds down the size of the available data, which eliminates the overflow.
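The difference between the two forms of the check, as an added sketch that is not the kernel's own code: the helper names, the 32-bit length type and the 4-byte alignment are assumptions, and the sample values are constructed.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical helpers for this sketch; 4-byte alignment is an assumption. */
static uint32_t round_up4(uint32_t x)   { return (x + 3u) & ~3u; } /* x + 3 can wrap */
static uint32_t round_down4(uint32_t x) { return x & ~3u; }        /* cannot wrap */

/* Before: rounds up the untrusted length. For ticket_len >= 0xfffffffd the
 * sum wraps to 0, so the check passes however little data is available. */
static bool len_ok_round_up(uint32_t ticket_len, uint32_t avail)
{
	return round_up4(ticket_len) <= avail;
}

/* After: rounds down the size of the available data instead. */
static bool len_ok_round_down(uint32_t ticket_len, uint32_t avail)
{
	return ticket_len <= round_down4(avail);
}

/* Count (ticket_len, avail) pairs on which the two checks disagree. */
static unsigned count_disagreements(uint32_t t_lo, uint32_t t_hi, uint32_t avail_max)
{
	unsigned n = 0;
	for (uint64_t t = t_lo; t <= t_hi; t++)
		for (uint64_t a = 0; a <= avail_max; a++)
			if (len_ok_round_up((uint32_t)t, (uint32_t)a) !=
			    len_ok_round_down((uint32_t)t, (uint32_t)a))
				n++;
	return n;
}

int main(void)
{
	uint32_t avail = 16, bad = 0xfffffffdu; /* constructed sample values */
	printf("round-up check accepts 0x%x with %u bytes: %d\n",
	       (unsigned)bad, (unsigned)avail, len_ok_round_up(bad, avail));
	printf("round-down check accepts it: %d\n", len_ok_round_down(bad, avail));
	printf("disagreements for small lengths: %u\n", count_disagreements(0, 64, 64));
	printf("disagreements near UINT32_MAX: %u\n",
	       count_disagreements(0xfffffff0u, 0xffffffffu, 64));
	return 0;
}
```

The two checks agree on every in-range pair and differ only for the three lengths where the round-up wraps.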

Affected Systems

All Linux kernel installations that include the rxgk module and have not yet applied the patch are affected. No specific kernel versions are listed, so any kernel released before the fix should be considered vulnerable until verified otherwise.

Risk and Exploitability

The advisory assigns a CVSS score of 7.0, indicating significant impact. The EPSS score is not available, and the vulnerability is not listed in the CISA KEV catalog. No public exploits are known, so the risk remains theoretical. The attack would require delivering a crafted input to the rxgk module, but the necessary conditions and confidence of exploitation are not detailed.

Generated by OpenCVE AI on May 28, 2026 at 02:16 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade the Linux kernel to a version that includes the rxgk integer overflow fix
  • Replace or rebuild any custom rxgk modules from vendor-patched sources
  • Monitor system logs and kernel crash dumps for signs of memory corruption or unexpected panics

Advisories

No advisories yet.

History

Thu, 28 May 2026 00:15:00 +0000

Type | Values Removed | Values Added
References | |
Metrics | threat_severity: None | cvssV3_1: {'score': 7.0, 'vector': 'CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H'}; threat_severity: Moderate


Wed, 27 May 2026 20:45:00 +0000

Type | Values Removed | Values Added
Weaknesses | | CWE-190

Wed, 27 May 2026 14:15:00 +0000

Type | Values Removed | Values Added
Description | | In the Linux kernel, the following vulnerability has been resolved: rxgk: Fix potential integer overflow in length check Fix potential integer overflow in rxgk_extract_token() when checking the length of the ticket. Rather than rounding up the value to be tested (which might overflow), round down the size of the available data.
Title | | rxgk: Fix potential integer overflow in length check
First Time appeared | | Linux; Linux linux Kernel
CPEs | | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Vendors & Products | | Linux; Linux linux Kernel
References | |

MITRE

Status: PUBLISHED

Assigner: Linux

Published:

Updated: 2026-05-27T12:56:51.317Z

Reserved: 2026-05-13T15:03:33.093Z

Link: CVE-2026-46039

Vulnrichment

No data.

NVD

Status: Awaiting Analysis

Published: 2026-05-27T14:17:23.263

Modified: 2026-05-27T14:48:03.013

Link: CVE-2026-46039

Redhat

Severity: Moderate

Public Date: 2026-05-27T00:00:00Z

Links: CVE-2026-46039 - Bugzilla

OpenCVE Enrichment

Updated: 2026-05-28T02:30:04Z

Weaknesses