CVE-2026-45865

medium Red Hat
EPSS Score
0.0%
Exploitation probability in 30 days
Top 90% most likely to be exploited
Published: May 27, 2026 (44 days ago)
Last Modified: May 27, 2026
Vendor: Red Hat
Source: REDHAT

Description

A flaw was found in the Linux kernel's Message Control Transport Protocol (MCTP) over I2C (Inter-Integrated Circuit) implementation. A local attacker could exploit this vulnerability by performing I2C reads on an MCTP-I2C device. This could lead to the disclosure of uninitialized stack memory, potentially revealing sensitive information.

CWE

CWE-908

Affected Products

Red Hat Enterprise Linux 10Red Hat Enterprise Linux 6Red Hat Enterprise Linux 7Red Hat Enterprise Linux 8Red Hat Enterprise Linux 9

References