CVE-2026-46105

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified) openSUSE Tumbleweed versions prior to kernel-devel-7.0.11-1.1

Description An issue exists in the mpt3sas SCSI driver where the HBA firmware reports NVMe MDTS (Maximum Data Transfer Size) values based on drive capability. Because the driver uses a fixed 4K buffer for the PRP (Physical Region Page) list, it can only accommodate 512 entries, limiting the maximum I/O transfer size to 2 MiB. Issuing I/O requests that exceed this 2 MiB limit can lead to a kernel oops, which is a type of kernel panic or error that occurs when the system encounters a critical failure.**

Recommendations For openSUSE Tumbleweed, update to kernel-devel-7.0.11-1.1. At the moment, there is no information about a newer version that contains a fix for this vulnerability for the Linux kernel.