CVE-2026-46132

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A stack information leak exists in the rtnl fill vfinfo() function. The function declares a struct ifla vf broadcast on the stack without initialization. This structure contains a 32-byte field where only the first 6 bytes are written for Ethernet devices using memcpy(). The remaining 26 bytes of uninitialized kernel stack data are then leaked to userspace via the nla put() function during an RTM GETLINK request. An unprivileged local process can trigger this by opening AF NETLINK/NETLINK ROUTE and sending an RTM GETLINK request with an IFLA EXT MASK attribute containing RTEXT FILTER VF. The leaked data may include return addresses and transient sensitive information.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.