What is GHSA-m7mh-8j45-fp89?

GHSA-m7mh-8j45-fp89 is a security advisory published by GitHub Security Advisories with unknown severity. In the Linux kernel, the following vulnerability has been resolved: net: mctp: ensure our nlmsg...

Which CVE IDs does GHSA-m7mh-8j45-fp89 cover?

GHSA-m7mh-8j45-fp89 covers the following CVE IDs: CVE-2026-45930. Each CVE has its own detail page on EchelonGraph Pulse with the synthesized EG score.

GHSA-m7mh-8j45-fp89unknown

In the Linux kernel, the following vulnerability has been resolved: net: mctp: ensure our nlmsg...

Vendor

GitHub Security Advisories

Published

May 27, 2026

Last Modified

May 27, 2026

🔗 CVE IDs covered (1)

CVE-2026-45930 →

📋 Description

In the Linux kernel, the following vulnerability has been resolved:

net: mctp: ensure our nlmsg responses are initialised

Syed Faraz Abrar (@farazsth98) from Zellic, and Pumpkin (@u1f383) from DEVCORE Research Team working with Trend Micro Zero Day Initiative report that a RTM_GETNEIGH will return uninitalised data in the pad bytes of the ndmsg data.

Ensure we're initialising the netlink data to zero, in the link, addr and neigh response messages.

🔗 References (4)

https://nvd.nist.gov/vuln/detail/CVE-2026-45930
https://git.kernel.org/stable/c/6fb6a97c86abb8592158088afaea0eb464cf9de1
https://git.kernel.org/stable/c/a6a9bc544b675d8b5180f2718ec985ad267b5cbf
https://github.com/advisories/GHSA-m7mh-8j45-fp89