CVE-2026-46003
Published May 27, 2026
Modified May 27, 2026
Description
In the Linux kernel, the following vulnerability has been resolved: net: qrtr: ns: Limit the total number of nodes Currently, the nameserver doesn't limit the number of nodes it handles. This can be an attack vector if a malicious client starts registering random nodes, leading to memory exhaustion. Hence, limit the maximum number of nodes to 64. Note that, limit of 64 is chosen based on the current platform requirements. If requirement changes in the future, this limit can be increased.
References
Other References
https://git.kernel.org/stable/c/27d5e84e810b0849d08b9aec68e48570461ce313
https://git.kernel.org/stable/c/4665a29c08e1b36bc9db4814f9dde3d23e8fd1b0
https://git.kernel.org/stable/c/4c46413661431aa60fb134cd4ecdf8beaa39f824
https://git.kernel.org/stable/c/5cf6d5e5e3b804a44692fbf548a5179442e2e923
https://git.kernel.org/stable/c/8022876894d09ae485b499058c3357da683bcc5d
Frequently Asked Questions
What is CVE-2026-46003? +
In the Linux kernel, the following vulnerability has been resolved:
net: qrtr: ns: Limit the total number of nodes
Currently, the nameserver doesn't limit the number of nodes it handles.
This can be an attack vector if a malicious client starts registering
random nodes, leading to memory exhaustion.
Hence, limit the maximum number of nodes to 64. Note that, limit of 64 is
chosen based on the current platform requirements. If requirement changes
in the future, this limit can be increased.
How do I check if I'm vulnerable to CVE-2026-46003? +
You can use Secably's free Website Scanner to check your website for known vulnerabilities. For infrastructure scanning, use the Port Scanner to identify exposed services that may be affected. Check the vendor advisories linked above for specific patch and version information.