CVE-2026-46105

Published: Mag 28, 2026 Last Modified: Mag 28, 2026

ExploitDB:

Other exploit source:

Google Dorks:

Description

AI Translation Available

In the Linux kernel, the following vulnerability has been resolved:

scsi: mpt3sas: Limit NVMe request size to 2 MiB

The HBA firmware reports NVMe MDTS values based on the underlying drive
capability. However, because the driver allocates a fixed 4K buffer for
the PRP list, accommodating at most 512 entries, the driver supports a
maximum I/O transfer size of 2 MiB.

Limit max_hw_sectors to the smaller of the reported MDTS and the 2 MiB
driver limit to prevent issuing oversized I/O that may lead to a kernel
oops.

https://git.kernel.org/stable/c/04631f55afc543d5431a2bdee7f…

https://git.kernel.org/stable/c/04631f55afc543d5431a2bdee7f6cc0f2c0debe7

https://git.kernel.org/stable/c/45dcc815fc5539e88154315f36c…

https://git.kernel.org/stable/c/45dcc815fc5539e88154315f36cbcb11d3a52fc2

https://git.kernel.org/stable/c/e5f9824817c6358b9f9738bdb92…

https://git.kernel.org/stable/c/e5f9824817c6358b9f9738bdb92dec9e4e794d3c

CVE-2026-46105

Description

Iscriviti alla newsletter