{"id":"CVE-2026-43184","summary":"rnbd-srv: Zero the rsp buffer before using it","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nrnbd-srv: Zero the rsp buffer before using it\n\nBefore using the data buffer to send back the response message, zero it\ncompletely. This prevents any stray bytes to be picked up by the client\nside when there the message is exchanged between different protocol\nversions.","modified":"2026-06-24T18:29:37.747915210Z","published":"2026-05-06T11:27:55.672Z","related":["SUSE-SU-2026:22099-1","SUSE-SU-2026:22112-1","SUSE-SU-2026:22127-1","openSUSE-SU-2026:20965-1"],"database_specific":{"cna_assigner":"Linux","osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/43xxx/CVE-2026-43184.json"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/30868a6a5238849d554295aff3ce61d242d7fad8"},{"type":"WEB","url":"https://git.kernel.org/stable/c/69d26698e4fd44935510553809007151b2fe4db5"},{"type":"WEB","url":"https://git.kernel.org/stable/c/7aac0a30dcf41cdb510526740d9a2ab1520c5d98"},{"type":"WEB","url":"https://git.kernel.org/stable/c/852475278ca5e96e0c0275950e1a84203e602b33"},{"type":"WEB","url":"https://git.kernel.org/stable/c/b646e54d23b9b592d612a2036aab14e0f6c14206"},{"type":"WEB","url":"https://git.kernel.org/stable/c/c94ede3c436dfbd9cedd9cb69f604f6fc901b6a2"},{"type":"WEB","url":"https://git.kernel.org/stable/c/e2cacec7d4291300a282feb3af8eba57b93b15aa"},{"type":"WEB","url":"https://git.kernel.org/stable/c/e4272754063d52c9ad0169865add8816ba696471"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/43xxx/CVE-2026-43184.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-43184"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"2de6c8de192b9341ffa5e84afe1ce6196d4eef41"},{"fixed":"e4272754063d52c9ad0169865add8816ba696471"},{"fixed":"e2cacec7d4291300a282feb3af8eba57b93b15aa"},{"fixed":"b646e54d23b9b592d612a2036aab14e0f6c14206"},{"fixed":"30868a6a5238849d554295aff3ce61d242d7fad8"},{"fixed":"7aac0a30dcf41cdb510526740d9a2ab1520c5d98"},{"fixed":"c94ede3c436dfbd9cedd9cb69f604f6fc901b6a2"},{"fixed":"852475278ca5e96e0c0275950e1a84203e602b33"},{"fixed":"69d26698e4fd44935510553809007151b2fe4db5"}]}],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2026-43184.json"}},{"package":{"name":"Kernel","ecosystem":"Linux"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"5.8.0"},{"fixed":"5.10.252"}]},{"type":"ECOSYSTEM","events":[{"introduced":"5.11.0"},{"fixed":"5.15.202"}]},{"type":"ECOSYSTEM","events":[{"introduced":"5.16.0"},{"fixed":"6.1.165"}]},{"type":"ECOSYSTEM","events":[{"introduced":"6.2.0"},{"fixed":"6.6.128"}]},{"type":"ECOSYSTEM","events":[{"introduced":"6.7.0"},{"fixed":"6.12.75"}]},{"type":"ECOSYSTEM","events":[{"introduced":"6.13.0"},{"fixed":"6.18.16"}]},{"type":"ECOSYSTEM","events":[{"introduced":"6.19.0"},{"fixed":"6.19.6"}]}],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2026-43184.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}]}