PT-2026-51330 · Red Hat · Red Hat Enterprise Linux 10+4
Osidb Bzimport
·
Publicado
2026-06-22
·
Atualizado
2026-06-22
·
CVE-2026-12549
CVSS v3.1
4.8
Média
| Vetor | AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L |
The fix for CVE-2026-2443 was regressed by a subsequent rework commit that replaced specific overflow checks with a general signed comparison. When a client sends a Range request with a suffix length exceeding the content size, the resulting negative start value is not properly clamped, leading to malformed HTTP 206 responses and log flooding.
Correção
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Red Hat Enterprise Linux 10
Red Hat Enterprise Linux 6
Red Hat Enterprise Linux 7
Red Hat Enterprise Linux 8
Red Hat Enterprise Linux 9