CVE-2026-43040
IPv6 Router Advertisement Info-Leak in Linux Kernel
Publication date: 2026-05-01
Last updated on: 2026-05-01
Assigner: kernel.org
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| linux | linux_kernel | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-UNKNOWN |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability exists in the Linux kernel's IPv6 Neighbor Discovery (ndisc) component. Specifically, when processing Router Advertisements that include user options, the kernel constructs a netlink message (RTM_NEWNDUSEROPT) using a structure called nduseroptmsg. This structure contains three padding fields that were not initialized to zero, which could lead to leakage of kernel memory data.
The vulnerability is fixed by ensuring these padding fields are zeroed out before use, preventing any unintended information disclosure.
How can this vulnerability impact me? :
This vulnerability can lead to an information leak where sensitive kernel memory data might be exposed through uninitialized padding fields in netlink messages. An attacker could potentially use this leaked information to gain insights into the kernel's memory layout or other sensitive data, which might aid in further attacks or exploitation.
What immediate steps should I take to mitigate this vulnerability?
The vulnerability is fixed by zeroing the padding fields in the nduseroptmsg struct when processing Router Advertisements with user options.
To mitigate this vulnerability immediately, update your Linux kernel to a version that includes this fix.