Buffer Overflow Vulnerability in Open vSwitch by Linux Kernel
CVE-2026-45840
Currently unrated
What is CVE-2026-45840?
A vulnerability in the Open vSwitch implementation in the Linux kernel can lead to a buffer overflow when a user with CAP_NET_ADMIN privileges sets an excessively large PID array during vport mutations. Because the size of the allocated netlink reply buffers is not sufficiently checked, this can cause kernel panics and system instability. The issue can be exploited from within unprivileged user namespaces, leading to serious security implications.
Affected Version(s)
Linux 5cd667b0a4567048bb555927d6ee564f4e5620a9