CVE-2026-46155

EUVD-2026-32782
In the Linux kernel, the following vulnerability has been resolved:

smb/client: fix out-of-bounds read in smb2_compound_op()

If a server sends a truncated response but a large OutputBufferLength, and
terminates the EA list early, check_wsl_eas() returns success without
validating that the entire OutputBufferLength fits within iov_len.

Then smb2_compound_op() does:
    memcpy(idata->wsl.eas, data[0], size[0]);

Where size[0] is OutputBufferLength. If iov_len is smaller than size[0],
memcpy can read beyond the end of the rsp_iov allocation and leak adjacent
kernel heap memory.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
9.1 CRITICAL
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 37%
Affected Products (NVD)
VendorProductVersion
linuxlinux_kernel
6.6.32 ≤
𝑥
< 6.6.140
linuxlinux_kernel
6.9 ≤
𝑥
< 6.12.88
linuxlinux_kernel
6.13 ≤
𝑥
< 6.18.30
linuxlinux_kernel
6.19 ≤
𝑥
< 7.0.7
linuxlinux_kernel
7.1:rc1
linuxlinux_kernel
7.1:rc2
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
linux
bookworm
6.1.176-1
fixed
bookworm (security)
6.1.176-1
fixed
bullseye
5.10.223-1
fixed
bullseye (security)
5.10.259-1
fixed
forky
7.1.3-1
fixed
sid
7.1.3-1
fixed
trixie
6.12.94-1
fixed
trixie (security)
6.12.95-1
fixed
Red Hat logo
Red Hat Enterprise Linux Releases
Red Hat Product
Release
kernel
RHEL 9
0:5.14.0-687.22.1.el9_8
fixed
kernel-64k
RHEL 9
0:5.14.0-687.22.1.el9_8
fixed
kernel-64k-core
RHEL 9
0:5.14.0-687.22.1.el9_8
fixed
kernel-64k-debug
RHEL 9
0:5.14.0-687.22.1.el9_8
fixed
kernel-64k-debug-core
RHEL 9
0:5.14.0-687.22.1.el9_8
fixed
kernel-64k-debug-devel
RHEL 9
0:5.14.0-687.22.1.el9_8
fixed
kernel-64k-debug-devel-matched
RHEL 9
0:5.14.0-687.22.1.el9_8
fixed
kernel-64k-debug-modules
RHEL 9
0:5.14.0-687.22.1.el9_8
fixed
kernel-64k-debug-modules-core
RHEL 9
0:5.14.0-687.22.1.el9_8
fixed
kernel-64k-debug-modules-extra
RHEL 9
0:5.14.0-687.22.1.el9_8
fixed
kernel-64k-devel
RHEL 9
0:5.14.0-687.22.1.el9_8
fixed
kernel-64k-devel-matched
RHEL 9
0:5.14.0-687.22.1.el9_8
fixed
kernel-64k-modules
RHEL 9
0:5.14.0-687.22.1.el9_8
fixed
kernel-64k-modules-core
RHEL 9
0:5.14.0-687.22.1.el9_8
fixed
kernel-64k-modules-extra
RHEL 9
0:5.14.0-687.22.1.el9_8
fixed
kernel-abi-stablelists
RHEL 9
0:5.14.0-687.22.1.el9_8
fixed
kernel-core
RHEL 9
0:5.14.0-687.22.1.el9_8
fixed
kernel-debug
RHEL 9
0:5.14.0-687.22.1.el9_8
fixed
kernel-debug-core
RHEL 9
0:5.14.0-687.22.1.el9_8
fixed
kernel-debug-devel
RHEL 9
0:5.14.0-687.22.1.el9_8
fixed
kernel-debug-devel-matched
RHEL 9
0:5.14.0-687.22.1.el9_8
fixed
kernel-debug-modules
RHEL 9
0:5.14.0-687.22.1.el9_8
fixed
kernel-debug-modules-core
RHEL 9
0:5.14.0-687.22.1.el9_8
fixed
kernel-debug-modules-extra
RHEL 9
0:5.14.0-687.22.1.el9_8
fixed
kernel-debug-uki-virt
RHEL 9
0:5.14.0-687.22.1.el9_8
fixed
kernel-devel
RHEL 9
0:5.14.0-687.22.1.el9_8
fixed
kernel-devel-matched
RHEL 9
0:5.14.0-687.22.1.el9_8
fixed
kernel-doc
RHEL 9
0:5.14.0-687.22.1.el9_8
fixed
kernel-modules
RHEL 9
0:5.14.0-687.22.1.el9_8
fixed
kernel-modules-core
RHEL 9
0:5.14.0-687.22.1.el9_8
fixed
kernel-modules-extra
RHEL 9
0:5.14.0-687.22.1.el9_8
fixed
kernel-rt
RHEL 9
0:5.14.0-687.22.1.el9_8
fixed
kernel-rt-64k
RHEL 9
0:5.14.0-687.22.1.el9_8
fixed
kernel-rt-64k-core
RHEL 9
0:5.14.0-687.22.1.el9_8
fixed
kernel-rt-64k-debug
RHEL 9
0:5.14.0-687.22.1.el9_8
fixed
kernel-rt-64k-debug-core
RHEL 9
0:5.14.0-687.22.1.el9_8
fixed
kernel-rt-64k-debug-devel
RHEL 9
0:5.14.0-687.22.1.el9_8
fixed
kernel-rt-64k-debug-modules
RHEL 9
0:5.14.0-687.22.1.el9_8
fixed
kernel-rt-64k-debug-modules-core
RHEL 9
0:5.14.0-687.22.1.el9_8
fixed
kernel-rt-64k-debug-modules-extra
RHEL 9
0:5.14.0-687.22.1.el9_8
fixed
kernel-rt-64k-devel
RHEL 9
0:5.14.0-687.22.1.el9_8
fixed
kernel-rt-64k-modules
RHEL 9
0:5.14.0-687.22.1.el9_8
fixed
kernel-rt-64k-modules-core
RHEL 9
0:5.14.0-687.22.1.el9_8
fixed
kernel-rt-64k-modules-extra
RHEL 9
0:5.14.0-687.22.1.el9_8
fixed
kernel-rt-core
RHEL 9
0:5.14.0-687.22.1.el9_8
fixed
kernel-rt-debug
RHEL 9
0:5.14.0-687.22.1.el9_8
fixed
kernel-rt-debug-core
RHEL 9
0:5.14.0-687.22.1.el9_8
fixed
kernel-rt-debug-devel
RHEL 9
0:5.14.0-687.22.1.el9_8
fixed
kernel-rt-debug-modules
RHEL 9
0:5.14.0-687.22.1.el9_8
fixed
kernel-rt-debug-modules-core
RHEL 9
0:5.14.0-687.22.1.el9_8
fixed
kernel-rt-debug-modules-extra
RHEL 9
0:5.14.0-687.22.1.el9_8
fixed
kernel-rt-devel
RHEL 9
0:5.14.0-687.22.1.el9_8
fixed
kernel-rt-modules
RHEL 9
0:5.14.0-687.22.1.el9_8
fixed
kernel-rt-modules-core
RHEL 9
0:5.14.0-687.22.1.el9_8
fixed
kernel-rt-modules-extra
RHEL 9
0:5.14.0-687.22.1.el9_8
fixed
kernel-tools
RHEL 9
0:5.14.0-687.22.1.el9_8
fixed
kernel-tools-libs
RHEL 9
0:5.14.0-687.22.1.el9_8
fixed
kernel-tools-libs-devel
RHEL 9
0:5.14.0-687.22.1.el9_8
fixed
kernel-uki-virt
RHEL 9
0:5.14.0-687.22.1.el9_8
fixed
kernel-uki-virt-addons
RHEL 9
0:5.14.0-687.22.1.el9_8
fixed
kernel-zfcpdump
RHEL 9
0:5.14.0-687.22.1.el9_8
fixed
kernel-zfcpdump-core
RHEL 9
0:5.14.0-687.22.1.el9_8
fixed
kernel-zfcpdump-devel
RHEL 9
0:5.14.0-687.22.1.el9_8
fixed
kernel-zfcpdump-devel-matched
RHEL 9
0:5.14.0-687.22.1.el9_8
fixed
kernel-zfcpdump-modules
RHEL 9
0:5.14.0-687.22.1.el9_8
fixed
kernel-zfcpdump-modules-core
RHEL 9
0:5.14.0-687.22.1.el9_8
fixed
kernel-zfcpdump-modules-extra
RHEL 9
0:5.14.0-687.22.1.el9_8
fixed
libperf
RHEL 9
0:5.14.0-687.22.1.el9_8
fixed
perf
RHEL 9
0:5.14.0-687.22.1.el9_8
fixed
python3-perf
RHEL 9
0:5.14.0-687.22.1.el9_8
fixed
rtla
RHEL 9
0:5.14.0-687.22.1.el9_8
fixed
rv
RHEL 9
0:5.14.0-687.22.1.el9_8
fixed
Amazon Linux logo
Amazon Linux Releases
Amazon Package
Release
bpftool6.12
Amazon Linux 2023
1:6.12.88-119.157.amzn2023
fixed
bpftool6.12-debuginfo
Amazon Linux 2023
1:6.12.88-119.157.amzn2023
fixed
bpftool6.18
Amazon Linux 2023
1:6.18.30-61.116.amzn2023
fixed
bpftool6.18-debuginfo
Amazon Linux 2023
1:6.18.30-61.116.amzn2023
fixed
kernel-livepatch-6.12.88-119.157
Amazon Linux 2023
1:1.0-0.amzn2023
fixed
kernel-livepatch-6.18.30-61.116
Amazon Linux 2023
1:1.0-0.amzn2023
fixed
kernel6.12
Amazon Linux 2023
1:6.12.88-119.157.amzn2023
fixed
kernel6.12-debuginfo
Amazon Linux 2023
1:6.12.88-119.157.amzn2023
fixed
kernel6.12-debuginfo-common-aarch64
Amazon Linux 2023
1:6.12.88-119.157.amzn2023
fixed
kernel6.12-debuginfo-common-x86_64
Amazon Linux 2023
1:6.12.88-119.157.amzn2023
fixed
kernel6.12-devel
Amazon Linux 2023
1:6.12.88-119.157.amzn2023
fixed
kernel6.12-headers
Amazon Linux 2023
1:6.12.88-119.157.amzn2023
fixed
kernel6.12-modules-extra
Amazon Linux 2023
1:6.12.88-119.157.amzn2023
fixed
kernel6.12-modules-extra-common
Amazon Linux 2023
1:6.12.88-119.157.amzn2023
fixed
kernel6.12-tools
Amazon Linux 2023
1:6.12.88-119.157.amzn2023
fixed
kernel6.12-tools-debuginfo
Amazon Linux 2023
1:6.12.88-119.157.amzn2023
fixed
kernel6.12-tools-devel
Amazon Linux 2023
1:6.12.88-119.157.amzn2023
fixed
kernel6.18
Amazon Linux 2023
1:6.18.30-61.116.amzn2023
fixed
kernel6.18-debuginfo
Amazon Linux 2023
1:6.18.30-61.116.amzn2023
fixed
kernel6.18-debuginfo-common-aarch64
Amazon Linux 2023
1:6.18.30-61.116.amzn2023
fixed
kernel6.18-debuginfo-common-x86_64
Amazon Linux 2023
1:6.18.30-61.116.amzn2023
fixed
kernel6.18-devel
Amazon Linux 2023
1:6.18.30-61.116.amzn2023
fixed
kernel6.18-headers
Amazon Linux 2023
1:6.18.30-61.116.amzn2023
fixed
kernel6.18-modules-extra
Amazon Linux 2023
1:6.18.30-61.116.amzn2023
fixed
kernel6.18-modules-extra-common
Amazon Linux 2023
1:6.18.30-61.116.amzn2023
fixed
kernel6.18-tools
Amazon Linux 2023
1:6.18.30-61.116.amzn2023
fixed
kernel6.18-tools-debuginfo
Amazon Linux 2023
1:6.18.30-61.116.amzn2023
fixed
kernel6.18-tools-devel
Amazon Linux 2023
1:6.18.30-61.116.amzn2023
fixed
perf6.12
Amazon Linux 2023
1:6.12.88-119.157.amzn2023
fixed
perf6.12-debuginfo
Amazon Linux 2023
1:6.12.88-119.157.amzn2023
fixed
perf6.18
Amazon Linux 2023
1:6.18.30-61.116.amzn2023
fixed
perf6.18-debuginfo
Amazon Linux 2023
1:6.18.30-61.116.amzn2023
fixed
python3-perf6.12
Amazon Linux 2023
1:6.12.88-119.157.amzn2023
fixed
python3-perf6.12-debuginfo
Amazon Linux 2023
1:6.12.88-119.157.amzn2023
fixed
python3-perf6.18
Amazon Linux 2023
1:6.18.30-61.116.amzn2023
fixed
python3-perf6.18-debuginfo
Amazon Linux 2023
1:6.18.30-61.116.amzn2023
fixed
Azure Linux logo
Azure Linux Releases
Azure Package
Release
kernel
Azure Linux 3.0
0:6.6.141.1-1.azl3
fixed