CVE-2026-43491

None

No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The net: qrtr: ns component lacks bound checking on the number of servers added per node. A malicious client can exhaust memory by flooding the system with NEW SERVER messages. The issue is handled within the qrtr ns worker() function.

Recommendations Limit the maximum number of server registrations to 256 per node. Rate limit the error messages in the failure path of the qrtr ns worker() function.

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2026-43491

ECHO-2EDD-6081-9C80

OPENSUSE-SU-2026:10859-1

Affected Products

Linux Kernel

CVE-2026-43491

Related Identifiers

Affected Products

References · 25