Bug 2467027 (CVE-2026-43082)

Summary: CVE-2026-43082 kernel: net: txgbe: leave space for null terminators on property_entry
Product: [Other] Security Response Reporter: OSIDB Bzimport <bzimport>
Component: vulnerabilityAssignee: Product Security <prodsec-ir-bot>
Status: NEW --- QA Contact:
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: unspecifiedCC: rhel-process-autobot, watson-tool-maintainers
Target Milestone: ---Keywords: Security
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: ---
Doc Text:
A flaw was found in the Linux kernel's txgbe network driver. The driver fails to allocate sufficient memory for null terminators when processing lists of `struct property_entry`. This memory allocation error can lead to an out-of-bounds write. An attacker could potentially exploit this vulnerability to cause a denial of service (DoS), leading to system instability or crashes.
 Story Points: ---
Clone Of: Environment:
Last Closed: Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description OSIDB Bzimport 2026-05-06 10:03:51 UTC 
In the Linux kernel, the following vulnerability has been resolved:

net: txgbe: leave space for null terminators on property_entry

Lists of struct property_entry are supposed to be terminated with an
empty property, this driver currently seems to be allocating exactly the
amount of entry used.

Change the struct definition to leave an extra element for all
property_entry.
Comment 1 Alexander B 2026-05-06 12:57:58 UTC 
Upstream advisory:
https://lore.kernel.org/linux-cve-announce/2026050614-CVE-2026-43082-79cd@gregkh/T