CVE-2026-43089
Memory Corruption in Linux Kernel XFRM User Subsystem
Publication date: 2026-05-06
Last updated on: 2026-05-06
Assigner: kernel.org
Description
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| linux_kernel | linux_kernel | * |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-UNKNOWN | |
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability exists in the Linux kernel's xfrm_user component, specifically in the build_mapping() function.
The issue arises because the struct xfrm_usersa_id contains a one-byte padding hole after the proto field. This padding byte is never initialized to zero before the structure is copied out to userspace.
As a result, uninitialized memory data can be leaked to userspace, potentially exposing sensitive information.
The fix involves zeroing out the entire structure before setting individual variables, ensuring no unintended data is leaked.
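The padding hole and the effect of zeroing first can be reproduced in userspace. The following is an added example, not the kernel's code or patch: struct usersa_id is a replica of the struct xfrm_usersa_id layout using fixed-width stand-in types (an assumption), and the 0xAA poison value, the field values and the function names are constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define POISON 0xAA  /* constructed stand-in for stale memory contents */

/* Userspace replica of the layout (assumption: fixed-width stand-ins
 * for the kernel's xfrm_address_t, __be32, __u16 and __u8 types). */
struct usersa_id {
    uint32_t daddr[4];  /* offset 0, 16 bytes */
    uint32_t spi;       /* offset 16 */
    uint16_t family;    /* offset 20 */
    uint8_t  proto;     /* offset 22; offset 23 is the padding hole */
};

/* Pre-fix pattern: every named field is set, the padding byte is not. */
static void fill_leaky(struct usersa_id *id)
{
    memset(id->daddr, 0, sizeof(id->daddr));
    id->spi = 0x01020304;   /* constructed sample values */
    id->family = 2;
    id->proto = 50;
}

/* Fixed pattern: zero the whole object first, then set the fields. */
static void fill_zeroed(struct usersa_id *id)
{
    memset(id, 0, sizeof(*id));
    fill_leaky(id);
}

/* Simulate the copy-out: poison the buffer, fill it, then count the bytes
 * of the outgoing message that still hold the poison value. */
static int stale_bytes(void (*fill)(struct usersa_id *))
{
    struct usersa_id id;
    unsigned char wire[sizeof(id)];
    int n = 0;

    memset(&id, POISON, sizeof(id));
    fill(&id);
    memcpy(wire, &id, sizeof(wire));
    for (size_t i = 0; i < sizeof(wire); i++)
        n += (wire[i] == POISON);
    return n;
}

int main(void)
{
    return !(stale_bytes(fill_leaky) == 1 && stale_bytes(fill_zeroed) == 0);
}
```

The same check applies to any structure copied to userspace: compare sizeof against the sum of the member sizes, and treat any difference as bytes that must be zeroed explicitly.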
How can this vulnerability impact me?
This vulnerability can lead to an information leak where uninitialized memory data is exposed to userspace.
Such leaks can potentially reveal sensitive or confidential information that resides in kernel memory, which could be exploited by attackers to gain insights into the system or escalate privileges.