CVE-2026-45952

medium Red Hat
EPSS Score
0.0%
Exploitation probability in 30 days
Top 96% most likely to be exploited
Published: May 27, 2026 (44 days ago)
Last Modified: May 27, 2026
Vendor: Red Hat
Source: REDHAT

Description

A flaw was found in the Linux kernel's fbnic driver. This vulnerability allows a local user to cause a Denial of Service (DoS) by increasing the Maximum Transmission Unit (MTU) beyond the hardware's threshold while an eXpress Data Path (XDP) program is attached. This improper validation of MTU changes leads to the driver dropping all multi-fragmented network frames, effectively breaking new TCP connections.

CWE

CWE-1284

Affected Products

Red Hat Enterprise Linux 10Red Hat Enterprise Linux 6Red Hat Enterprise Linux 7Red Hat Enterprise Linux 8Red Hat Enterprise Linux 9

References