CVE-2026-43032
N/A
N/A
Summary
In the Linux kernel, the following vulnerability has been resolved:
NFC: pn533: bound the UART receive buffer
pn532_receive_buf() appends every incoming byte to dev->recv_skb and only resets the buffer after pn532_uart_rx_is_frame() recognizes a complete frame. A continuous stream of bytes without a valid PN532 frame header therefore keeps growing the skb until skb_put_u8() hits the tail limit.
Drop the accumulated partial frame once the fixed receive buffer is full so malformed UART traffic cannot grow the skb past PN532_UART_SKB_BUFF_LEN.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | c656aa4c27b17a8c70da223ed5ab42145800d6b5 < 8bedf1dd5640ac8997bff00bbefe241b438df397 | affected |
| Linux | Linux | c656aa4c27b17a8c70da223ed5ab42145800d6b5 < 23e925183db26cd322597679669ad29d70ed2ada | affected |
| Linux | Linux | c656aa4c27b17a8c70da223ed5ab42145800d6b5 < 3adca9be14bf36b927193f05f5aea35a1a90e913 | affected |
| Linux | Linux | c656aa4c27b17a8c70da223ed5ab42145800d6b5 < 2c1fadd221b21d8038acfe6a0f56291881d5ff76 | affected |
| Linux | Linux | c656aa4c27b17a8c70da223ed5ab42145800d6b5 < f48ab6ee654ecc350434e4566bc785773f412b7e | affected |
| Linux | Linux | c656aa4c27b17a8c70da223ed5ab42145800d6b5 < ad2f60de5045bfb5d20ea468a97c8760c6a3a4f8 | affected |
| Linux | Linux | c656aa4c27b17a8c70da223ed5ab42145800d6b5 < cf2ff10183204349edfd6b972e189375fc5f1fb0 | affected |
| Linux | Linux | c656aa4c27b17a8c70da223ed5ab42145800d6b5 < 30fe3f5f6494f827d812ff179f295a8e532709d6 | affected |
| Linux | Linux | 5.5 | affected |
| Linux | Linux | 0 < 5.5 | unaffected |
| Linux | Linux | 5.10.253 <= 5.10.* | unaffected |
| Linux | Linux | 5.15.203 <= 5.15.* | unaffected |
| Linux | Linux | 6.1.168 <= 6.1.* | unaffected |
| Linux | Linux | 6.6.134 <= 6.6.* | unaffected |
| Linux | Linux | 6.12.81 <= 6.12.* | unaffected |
| Linux | Linux | 6.18.22 <= 6.18.* | unaffected |
| Linux | Linux | 6.19.12 <= 6.19.* | unaffected |
| Linux | Linux | 7.0 <= * | unaffected |
Weaknesses
References
- https://git.kernel.org/stable/c/8bedf1dd5640ac8997bff00bbefe241b438df397
- https://git.kernel.org/stable/c/23e925183db26cd322597679669ad29d70ed2ada
- https://git.kernel.org/stable/c/3adca9be14bf36b927193f05f5aea35a1a90e913
- https://git.kernel.org/stable/c/2c1fadd221b21d8038acfe6a0f56291881d5ff76
- https://git.kernel.org/stable/c/f48ab6ee654ecc350434e4566bc785773f412b7e
- https://git.kernel.org/stable/c/ad2f60de5045bfb5d20ea468a97c8760c6a3a4f8
- https://git.kernel.org/stable/c/cf2ff10183204349edfd6b972e189375fc5f1fb0
- https://git.kernel.org/stable/c/30fe3f5f6494f827d812ff179f295a8e532709d6
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.