Bug 2479813 (CVE-2026-43491) - CVE-2026-43491 kernel: net: qrtr: ns: Limit the maximum server registration per node
Keywords:
Status: NEW
Alias: CVE-2026-43491
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
Priority: medium
Severity: medium
Target Milestone: ---
Assignee: Product Security
QA Contact:
URL:
Whiteboard:
Depends On:
Blocks:
Reported: 2026-05-19 12:01 UTC by OSIDB Bzimport
Modified: 2026-05-19 16:19 UTC

Fixed In Version:
Clone Of:
Environment:
Last Closed:
Embargoed:



Description OSIDB Bzimport 2026-05-19 12:01:25 UTC
In the Linux kernel, the following vulnerability has been resolved:

net: qrtr: ns: Limit the maximum server registration per node

Current code does no bound checking on the number of servers added per
node. A malicious client can flood NEW_SERVER messages and exhaust memory.

Fix this issue by limiting the maximum number of server registrations to
256 per node. If the NEW_SERVER message is received for an old port, then
don't restrict it as it will get replaced. While at it, also rate limit
the error messages in the failure path of qrtr_ns_worker().

Note that the limit of 256 is chosen based on the current platform
requirements. If the requirement changes in the future, this limit can be
increased.
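
A userspace model of the bound the description above specifies, added here as an illustration and not taken from the kernel patch: a new port is refused once a node holds 256 servers, while a message for an already registered port replaces the existing entry. The struct layouts, function names and linked list are assumptions of this example, and the rate limiting of error messages is not modelled.

```c
#include <stdint.h>
#include <stdlib.h>

#define MAX_SERVERS_PER_NODE 256 /* limit stated in the description above */

/* Hypothetical userspace model; names and layout are not the kernel's. */
struct server { uint32_t port, service; struct server *next; };
struct node { unsigned int count; struct server *servers; };
struct result { unsigned int stored; int old_rc, new_rc; };

/* Returns 0 if the registration is stored, -1 if it is refused. */
int server_register(struct node *n, uint32_t port, uint32_t service)
{
    struct server *s;

    for (s = n->servers; s; s = s->next) {
        if (s->port == port) {   /* old port: replace, count unchanged */
            s->service = service;
            return 0;
        }
    }
    if (n->count >= MAX_SERVERS_PER_NODE)
        return -1;               /* new port on a full node: allocate nothing */
    s = malloc(sizeof(*s));
    if (!s)
        return -1;
    s->port = port;
    s->service = service;
    s->next = n->servers;
    n->servers = s;
    n->count++;
    return 0;
}

/* Constructed flood: `attempts` registrations, each on a distinct port,
 * followed by one message for an old port and one for a new port. */
struct result flood(unsigned int attempts)
{
    struct node n = { 0, NULL };
    struct result r;

    for (uint32_t p = 0; p < attempts; p++)
        server_register(&n, p, 1);
    r.old_rc = server_register(&n, 0, 2);        /* port 0 already exists */
    r.new_rc = server_register(&n, attempts, 2); /* never seen before */
    r.stored = n.count;
    while (n.servers) {
        struct server *next = n.servers->next;
        free(n.servers);
        n.servers = next;
    }
    return r;
}
```

With the cap in place, the memory held per node stays constant no matter how many NEW_SERVER messages arrive, and re-registration of a known port keeps working on a full node.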

