SUSE CVE-2026-46133

In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Reject unknown opcodes before ICRC processing Even after applying commit 7244491dab34 "RDMA/rxe: Validate pad and ICRC before payloadsize in rxercv", a single unauthenticated UDP packet can still trigger panic. That pat...

CVE-2026-46133

In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Reject unknown opcodes before ICRC processing Even after applying commit 7244491dab34 "RDMA/rxe: Validate pad and ICRC before payloadsize in rxercv", a single unauthenticated UDP packet can still trigger panic. That pat...

EUVD-2026-32760

In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Reject unknown opcodes before ICRC processing Even after applying commit 7244491dab34 "RDMA/rxe: Validate pad and ICRC before payloadsize in rxercv", a single unauthenticated UDP packet can still trigger panic. That pat...

CVE-2026-46133

The CVE-2026-46133 issue affects Linux kernel’s Soft RoCE (RDMA/rxe) where an unauthenticated UDP packet with an unknown opcode could trigger an out-of-bounds read during ICRC/CRC processing due to missing validation of opcodes before length arithmetic. The advisory describes that entries in the ...

PT-2026-44256

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 7.0.11-1.1 Description An out-of-bounds read exists in the RDMA Soft RoCE rxe driver. A single unauthenticated UDP packet containing an unknown opcode can trigger a kernel panic. The issue occurs because the driv...

CVE-2026-46043

A flaw was found in the Linux kernel's RDMA/rxe component. The rxercv function does not adequately validate the BTH pad and ICRC fields of incoming packets before calculating the payload size. A remote attacker could exploit this by sending a specially crafted short packet or a packet with a forg...

CVE-2026-46043

The CVE-2026-46043 detail shows a Linux kernel RDMA/rxe issue in rxe_rcv() where payload_size() could underflow due to attacker-controlled BTH pad and RXE_ICRC_SIZE not being accounted for in the initial length check. The fix requires validating paylen against the full minimum length: header_size...

CVE-2026-46043

RDMA/rxe: Validate pad and ICRC before payloadsize in rxercv...

Red Cross Hack Linked to Iranian Influence Operation?

A network intrusion at the International Committee for the Red Cross ICRC in January led to the theft of personal information on more than 500,000 people receiving assistance from the group. KrebsOnSecurity has learned that the email address used by a cybercriminal actor who offered to sell the...

The Human Cost of Cyberattacks

The International Committee of the Red Cross has just published a report: "The Potential Human Cost of Cyber-Operations." It's the result of an "ICRC Expert Meeting" from last year, but was published this week. Here's a shorter blog post if you don't want to read the whole thing. And commentary b...

icrc.ieee.org XSS vulnerability

Open Bug Bounty ID: OBB-668214 Description| Value ---|--- Affected Website:| icrc.ieee.org Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...