PT-2026-43870 · Opensuse+1 · Opensuse Tumbleweed+1

Published

2026-05-27

Updated

2026-06-04

CVE-2026-46003

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified) openSUSE Tumbleweed versions prior to kernel-devel-7.0.11-1.1

Description The nameserver in the Qualcomm Router (qrtr) network subsystem does not limit the number of nodes it handles. A malicious client could register a large number of random nodes, resulting in memory exhaustion, which is a state where the system consumes all available RAM and becomes unresponsive.

Recommendations Update to a version of the Linux kernel where the maximum number of nodes is limited to 64. Update openSUSE Tumbleweed to version kernel-devel-7.0.11-1.1.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2026-46003

ECHO-D1FE-78FD-E4A3

OPENSUSE-SU-2026:10954-1

Affected Products

Linux Kernel

Opensuse Tumbleweed

PT-2026-43870 · Opensuse+1 · Opensuse Tumbleweed+1

CVE-2026-46003

Related Identifiers

Affected Products

References · 289