CVE-2026-46072

medium Red Hat
Published: May 27, 2026 (44 days ago)
Last Modified: May 27, 2026
Vendor: Red Hat
Source: REDHAT

Description

A flaw was found in the Linux kernel's `ntfs3` module. A local attacker, by mounting a specially crafted NTFS (New Technology File System) image containing truncated run data, could trigger an out-of-bounds heap read. This vulnerability allows for the disclosure of sensitive information from kernel memory.

CWE

CWE-1284

Affected Products

Red Hat Enterprise Linux 10Red Hat Enterprise Linux 6Red Hat Enterprise Linux 7Red Hat Enterprise Linux 8Red Hat Enterprise Linux 9

References