CVE-2026-43210
Analyzed Analyzed - Analysis Complete
Linux Kernel Ring Buffer Length Validation Flaw

Publication date: 2026-05-06

Last updated on: 2026-05-11

Assigner: kernel.org

Description
In the Linux kernel, the following vulnerability has been resolved: tracing: ring-buffer: Fix to check event length before using Check the event length before adding it for accessing next index in rb_read_data_buffer(). Since this function is used for validating possibly broken ring buffers, the length of the event could be broken. In that case, the new event (e + len) can point a wrong address. To avoid invalid memory access at boot, check whether the length of each event is in the possible range before using it.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-05-06
Last Modified
2026-05-11
Generated
2026-06-16
AI Q&A
2026-05-06
EPSS Evaluated
2026-06-14
NVD
CVE-2026-43210
EUVD
EUVD-2026-27769
Affected Vendors & Products
Showing 3 associated CPEs
Vendor Product Version / Range
linux linux_kernel From 6.13 (inc) to 6.18.16 (exc)
linux linux_kernel From 6.19 (inc) to 6.19.6 (exc)
linux linux_kernel From 6.12 (inc) to 6.12.75 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-UNKNOWN
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability exists in the Linux kernel's tracing ring-buffer functionality. Specifically, the issue is that the event length was not properly checked before being used in the function rb_read_data_buffer(). Because this function validates potentially broken ring buffers, an incorrect event length could cause the code to access an invalid memory address when calculating the next event's position.

The fix involves verifying that the length of each event is within a valid range before using it, which prevents invalid memory access during system boot.

Impact Analysis

If exploited, this vulnerability could lead to invalid memory access in the Linux kernel during boot time. This could potentially cause system instability, crashes, or unexpected behavior due to accessing incorrect memory locations.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-43210. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart