Improper Null Termination Affecting kernel-zfcpdump-devel-matched package, versions *
Threat Intelligence
The probability is the direct output of the EPSS model, and conveys an overall sense of the threat of exploitation in the wild. The percentile measures the EPSS probability relative to all known EPSS scores. Note: This data is updated daily, relying on the latest available EPSS model version. Check out the EPSS documentation for more details.
Do your applications use this vulnerable package?
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applications- Snyk IDSNYK-RHEL10-KERNELZFCPDUMPDEVELMATCHED-16466511
- published7 May 2026
- disclosed6 May 2026
Introduced: 6 May 2026
NewCVE-2026-43197 (opens in a new tab)How to fix?
There is no fixed version for RHEL:10 kernel-zfcpdump-devel-matched.
NVD Description
Note: Versions mentioned in the description apply only to the upstream kernel-zfcpdump-devel-matched package and not the kernel-zfcpdump-devel-matched package as distributed by RHEL.
See How to fix? for RHEL:10 relevant fixed versions and status.
In the Linux kernel, the following vulnerability has been resolved:
netconsole: avoid OOB reads, msg is not nul-terminated
msg passed to netconsole from the console subsystem is not guaranteed to be nul-terminated. Before recent commit 7eab73b18630 ("netconsole: convert to NBCON console infrastructure") the message would be placed in printk_shared_pbufs, a static global buffer, so KASAN had harder time catching OOB accesses. Now we see:
printk: console [netcon_ext0] enabled BUG: KASAN: slab-out-of-bounds in string+0x1f7/0x240 Read of size 1 at addr ffff88813b6d4c00 by task pr/netcon_ext0/594CPU: 65 UID: 0 PID: 594 Comm: pr/netcon_ext0 Not tainted 6.19.0-11754-g4246fd6547c9 Call Trace: kasan_report+0xe4/0x120 string+0x1f7/0x240 vsnprintf+0x655/0xba0 scnprintf+0xba/0x120 netconsole_write+0x3fe/0xa10 nbcon_emit_next_record+0x46e/0x860 nbcon_kthread_func+0x623/0x750
Allocated by task 1: nbcon_alloc+0x1ea/0x450 register_console+0x26b/0xe10 init_netconsole+0xbb0/0xda0
The buggy address belongs to the object at ffff88813b6d4000 which belongs to the cache kmalloc-4k of size 4096 The buggy address is located 0 bytes to the right of allocated 3072-byte region [ffff88813b6d4000, ffff88813b6d4c00)
References
- https://bugzilla.redhat.com/show_bug.cgi?id=2467238
- https://access.redhat.com/security/cve/CVE-2026-43197
- https://git.kernel.org/stable/c/3126a2f98beaec5a554a1fb31c46db1e8542665e
- https://git.kernel.org/stable/c/74ab1456eaa3b2eb986138f9e1f4cb37e73b6f58
- https://git.kernel.org/stable/c/82aec772fca2223bc5774bd9af486fd95766e578