CVE-2026-43093
Buffer Overflow in Linux Kernel XDP Socket Implementation
Publication date: 2026-05-06
Last updated on: 2026-05-06
Assigner: kernel.org
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| linux | linux_kernel | * |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-UNKNOWN | |
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability exists in the Linux kernel's xsk (AF_XDP) subsystem, specifically in the headroom validation logic of the xdp_umem_reg() function.
The issue is that the current validation for headroom space does not properly account for the tailroom and the minimum size of an Ethernet frame. This can result in insufficient space being allocated to receive even the smallest Ethernet frames.
Additionally, if multi-buffering is used, the skb_shared_info structure stored at the end of the XSK frame could become corrupted due to this improper validation.
The fix involves tightening the validation to ensure at least 128 bytes of headroom (which aligns with typical hardware requirements) and also accounting for tailroom space upfront, even though multi-buffer settings are known later in the configuration process.
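The space budget described in this answer, as an added example that is not code from the kernel patch or from this page: a user-space C model of a single UMEM chunk that compares a check ignoring tailroom with one that reserves it up front. The constants, the form of both checks, and the names `umem_chunk_budget` and `ASSUMED_TAILROOM` are assumptions of this sketch.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Assumed constants for this model; none of them come from the page. */
#define XDP_PACKET_HEADROOM 256u /* per-frame headroom the kernel reserves */
#define MIN_FRAME_ROOM      128u /* the 128-byte floor the text cites, treated
                                    here as space that must stay free */
#define ASSUMED_TAILROOM    320u /* stand-in for the aligned size of
                                    struct skb_shared_info on 64-bit */

struct chunk_budget {
    uint32_t data_room; /* bytes left for packet data, 0 if none */
    bool loose_ok;      /* accepted when tailroom and floor are ignored */
    bool strict_ok;     /* accepted when both are reserved up front */
};

/* Budget one chunk: [kernel headroom][user headroom][data][tailroom]. */
struct chunk_budget umem_chunk_budget(uint32_t chunk_size, uint32_t headroom)
{
    struct chunk_budget b = { 0, false, false };
    /* 64-bit sums so a huge user-supplied headroom cannot wrap around. */
    uint64_t front = (uint64_t)headroom + XDP_PACKET_HEADROOM;
    uint64_t reserved = front + ASSUMED_TAILROOM;

    b.loose_ok = front < chunk_size;
    if (reserved < chunk_size)
        b.data_room = (uint32_t)(chunk_size - reserved);
    b.strict_ok = reserved + MIN_FRAME_ROOM <= chunk_size;
    return b;
}

int main(void)
{
    /* Constructed sample configurations: 2048-byte chunks. */
    uint32_t headrooms[] = { 0, 1344, 1400, 1700 };

    for (size_t i = 0; i < sizeof(headrooms) / sizeof(headrooms[0]); i++) {
        struct chunk_budget b = umem_chunk_budget(2048, headrooms[i]);
        printf("headroom=%u data_room=%u loose=%d strict=%d\n",
               (unsigned)headrooms[i], (unsigned)b.data_room,
               b.loose_ok, b.strict_ok);
    }
    return 0;
}
```

Configurations where `loose` is 1 and `strict` is 0 are the ones in which frame data would have to share the chunk with the tail structure.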
How can this vulnerability impact me?
This vulnerability can lead to corrupted data structures within the kernel's networking stack, specifically the skb_shared_info structure when multi-buffering is used.
Such corruption could cause unpredictable behavior in packet processing, potentially leading to network packet loss, data corruption, or kernel crashes.
Because it affects the handling of Ethernet frames at a low level, it could impact the reliability and stability of network communications on affected Linux systems.