CVE-2026-12549: Buffer Access with Incorrect Length Value in Red Hat Red Hat Enterprise Linux 10
CVE-2026-12549 is a medium severity vulnerability in Red Hat Enterprise Linux 10 where a regression in a previous fix causes improper handling of HTTP Range requests. Specifically, when a client sends a Range request with a suffix length larger than the content size, a negative start value is not properly clamped. This leads to malformed HTTP 206 Partial Content responses and excessive log flooding.
AI Analysis
Technical Summary
This vulnerability is a regression of the fix for CVE-2026-2443 caused by a rework commit that replaced specific overflow checks with a general signed comparison. The issue arises when a client sends an HTTP Range request with a suffix length exceeding the content size, resulting in a negative start value that is not properly clamped. This causes malformed HTTP 206 responses and log flooding. The vulnerability has a CVSS 3.1 base score of 4.8 (medium severity) with network attack vector, high attack complexity, no privileges required, no user interaction, unchanged scope, low confidentiality impact, no integrity impact, and low availability impact. No known exploits are reported in the wild. The vendor advisory does not explicitly state a patch or remediation status.
Potential Impact
The vulnerability can cause malformed HTTP 206 responses and flooding of logs, which may lead to limited denial of service conditions or resource exhaustion on affected systems. Confidentiality impact is low, with no integrity impact. Availability impact is low due to potential log flooding. There is no indication of privilege escalation or remote code execution.
Mitigation Recommendations
Patch status is not yet confirmed — check the Red Hat advisory at https://access.redhat.com/security/cve/CVE-2026-12549 for current remediation guidance. Since no official fix or temporary workaround is explicitly stated in the advisory content provided, users should monitor the vendor site for updates and apply patches once available. No vendor advisory states that no action is required or that the issue is already mitigated.
CVE-2026-12549: Buffer Access with Incorrect Length Value in Red Hat Red Hat Enterprise Linux 10
Description
CVE-2026-12549 is a medium severity vulnerability in Red Hat Enterprise Linux 10 where a regression in a previous fix causes improper handling of HTTP Range requests. Specifically, when a client sends a Range request with a suffix length larger than the content size, a negative start value is not properly clamped. This leads to malformed HTTP 206 Partial Content responses and excessive log flooding.
CVSS v3.1
Score 4.8medium
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
This vulnerability is a regression of the fix for CVE-2026-2443 caused by a rework commit that replaced specific overflow checks with a general signed comparison. The issue arises when a client sends an HTTP Range request with a suffix length exceeding the content size, resulting in a negative start value that is not properly clamped. This causes malformed HTTP 206 responses and log flooding. The vulnerability has a CVSS 3.1 base score of 4.8 (medium severity) with network attack vector, high attack complexity, no privileges required, no user interaction, unchanged scope, low confidentiality impact, no integrity impact, and low availability impact. No known exploits are reported in the wild. The vendor advisory does not explicitly state a patch or remediation status.
Potential Impact
The vulnerability can cause malformed HTTP 206 responses and flooding of logs, which may lead to limited denial of service conditions or resource exhaustion on affected systems. Confidentiality impact is low, with no integrity impact. Availability impact is low due to potential log flooding. There is no indication of privilege escalation or remote code execution.
Mitigation Recommendations
Patch status is not yet confirmed — check the Red Hat advisory at https://access.redhat.com/security/cve/CVE-2026-12549 for current remediation guidance. Since no official fix or temporary workaround is explicitly stated in the advisory content provided, users should monitor the vendor site for updates and apply patches once available. No vendor advisory states that no action is required or that the issue is already mitigated.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- redhat
- Date Reserved
- 2026-06-17T18:40:22.117Z
- Cvss Version
- 3.1
- State
- PUBLISHED
- Remediation Level
- null
- Vendor Advisory Urls
- [{"url":"https://access.redhat.com/security/cve/CVE-2026-12549","vendor":"Red Hat"},{"url":"https://access.redhat.com/security/cve/cve-2026-0716","vendor":"Red Hat"}]
Threat ID: 6a395729eed863c81e0537d9
Added to database: 06/22/2026, 15:39:21 UTC
Last enriched: 06/22/2026, 16:09:46 UTC
Last updated: 06/22/2026, 20:12:25 UTC
Views: 6
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.