CVE-2026-43449

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A slab-out-of-bounds issue exists in the nvme-pci component. The problem occurs in the nvme dbbuf set() function due to an incorrect loop condition. The dev->online queues variable tracks the count of queues, where valid indices range from 0 to dev->online queues minus 1. Because the loop condition failed to properly restrict the index within this valid range, it could lead to memory access outside the allocated slab boundary.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.