Heap Buffer Overflow Vulnerability in Linux Kernel's Persistent RAM Management
CVE-2026-46253

7.8 HIGH

Key Information:

Vendor: Linux

CVE Published: 3 June 2026

What is CVE-2026-46253?

A vulnerability in the Linux kernel's persistent RAM management can lead to a heap buffer overflow. The function that saves old logs from persistent RAM can mistakenly be called more than once, and under the right conditions the destination buffer ends up allocated with the wrong size. If the log buffer grows after that allocation, a subsequent write can run past the allocated memory, producing an out-of-bounds write. The flaw is difficult to exploit because it requires specific circumstances, such as prior crash records that did not fully use their allocated buffer. Affected users should update their systems with the latest patches to mitigate this risk.
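The allocate-once, copy-by-current-size pattern described above, as an added userspace model that is neither the kernel's code nor the upstream fix. The struct, field and function names are hypothetical, the flawed variant reports the overrun instead of performing it, and the hardened variant shows one possible way to keep the allocation and the copy length in agreement.

```c
#include <stdlib.h>
#include <string.h>

/* Userspace model of the pattern; every name here is hypothetical. */
struct zone {
    const char *live;     /* current log contents */
    size_t live_size;     /* bytes in use now; may grow between calls */
    char *old_log;        /* heap copy of the previous log */
    size_t old_cap;       /* bytes actually allocated for old_log */
    size_t old_log_size;  /* length recorded for old_log */
};

/* Flawed: a repeat call reuses the first allocation but trusts the new size.
 * Returns how many bytes the copy would land past the allocation; the model
 * clamps the memcpy so the demonstration itself stays in bounds. */
size_t save_old_flawed(struct zone *z)
{
    size_t n = z->live_size;
    if (!z->old_log) {                 /* allocate on the first call only */
        z->old_log = malloc(n);
        if (!z->old_log) return 0;
        z->old_cap = n;
    }
    size_t excess = n > z->old_cap ? n - z->old_cap : 0;
    memcpy(z->old_log, z->live, n - excess);
    z->old_log_size = n;               /* recorded length can exceed old_cap */
    return excess;
}

/* Hardened: size the destination for this call before copying. */
size_t save_old_checked(struct zone *z)
{
    size_t n = z->live_size;
    if (z->old_log && z->old_cap != n) {   /* stale allocation: drop it */
        free(z->old_log);
        z->old_log = NULL;
    }
    if (!z->old_log) {
        z->old_log = malloc(n);
        if (!z->old_log) { z->old_cap = z->old_log_size = 0; return 0; }
        z->old_cap = n;
    }
    memcpy(z->old_log, z->live, n);
    z->old_log_size = n;
    return 0;
}
```

A nonzero return from `save_old_flawed` is the number of bytes an unclamped copy would have written beyond the heap allocation on the repeat call.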

Affected Version(s)

Linux 201e4aca5aa179e6c69a4dcd36a3562e56b8d670 < 58bda5a1d1ee98254383ef34f76b2c35140513ea

Linux 201e4aca5aa179e6c69a4dcd36a3562e56b8d670 < 06d2c8bd108cea503f6f6e13e47495ed1085275f

Linux 201e4aca5aa179e6c69a4dcd36a3562e56b8d670 < 2fa9a047c6a50ec80c3890dd623b85e237f0d1fd

CVSS V3.1

Score: 7.8
Severity: HIGH
Confidentiality: High
Integrity: High
Availability: High
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved
