CVE-2026-43329
Flowtable Action Limit Exceeded in Linux Kernel
Publication date: 2026-05-08
Last updated on: 2026-05-08
Assigner: kernel.org
Description
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| linux_kernel | linux_kernel | to 24 (inc) |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-UNKNOWN | |
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability relates to the Linux kernel's netfilter flowtable feature, specifically in how it handles the maximum number of hardware offload actions for IPv6 traffic.
The issue arises because the total number of possible actions (such as ethernet mangling, SNAT, DNAT, double VLAN, and redirect) can add up to 17, which exceeds the previously enforced maximum of 16 actions per flow.
Additionally, the system supports actions for tunnels, which further complicates the count. Payload actions operate at a 32-bit word level, meaning some operations like mangling an IPv6 address consume multiple payload actions.
The vulnerability was addressed by updating the function that checks the number of actions to strictly enforce the maximum supported actions and by increasing the maximum allowed actions per flow from 16 to 24 to better accommodate IPv6 setups.
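The action budget described above, modelled as an added C example that is not kernel code: the per-action slot counts (two words per MAC address, four per IPv6 address, one per port, two for a double VLAN push, one for the redirect) are an assumption chosen so the worst case sums to the 17 the advisory names, and the 16 and 24 limits are the advisory's own.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Assumed model of a per-flow offload action list. The two limits are the
 * ones the advisory names; the slot bookkeeping itself is constructed here. */
#define ACTION_MAX_OLD 16
#define ACTION_MAX_NEW 24

struct action_list {
    unsigned int num_entries;
    unsigned int max_entries;
    uint32_t entries[ACTION_MAX_NEW];   /* opaque action slots */
};

/* Payload mangles work on 32-bit words: a 16-byte IPv6 address needs four
 * slots, a 6-byte MAC address two, a 2-byte port one. */
static unsigned int mangle_slots(size_t len_bytes)
{
    return (unsigned int)((len_bytes + 3) / 4);
}

/* Strict bound: refuse before touching the array when n slots do not fit. */
static bool action_reserve(struct action_list *al, unsigned int n)
{
    if (al->max_entries > ACTION_MAX_NEW || al->num_entries > al->max_entries ||
        n > al->max_entries - al->num_entries)
        return false;
    memset(&al->entries[al->num_entries], 0, n * sizeof al->entries[0]);
    al->num_entries += n;
    return true;
}

/* Worst case from the advisory (Ethernet mangle, SNAT, DNAT, double VLAN,
 * redirect); the per-action breakdown is assumed. Returns the slots used,
 * or 0 when the limit is hit. */
static unsigned int build_ipv6_flow(unsigned int max_entries)
{
    struct action_list al = { .num_entries = 0, .max_entries = max_entries };
    bool ok = action_reserve(&al, mangle_slots(6))   /* Ethernet dst MAC */
           && action_reserve(&al, mangle_slots(6))   /* Ethernet src MAC */
           && action_reserve(&al, mangle_slots(16))  /* SNAT: IPv6 saddr */
           && action_reserve(&al, mangle_slots(2))   /* SNAT: sport */
           && action_reserve(&al, mangle_slots(16))  /* DNAT: IPv6 daddr */
           && action_reserve(&al, mangle_slots(2))   /* DNAT: dport */
           && action_reserve(&al, 2)                 /* double VLAN push */
           && action_reserve(&al, 1);                /* redirect to egress */
    return ok ? al.num_entries : 0;
}
```

With the old limit of 16 the build is refused before any slot is written; with 24 the same flow fits in 17 slots, which is the point of the fix.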
How can this vulnerability impact me?
If unaddressed, this vulnerability could lead to improper handling of network flow actions in IPv6 environments, potentially causing unexpected behavior or failures in network packet processing.
Specifically, exceeding the maximum number of allowed actions without proper checks might result in incorrect flowtable configurations, which could degrade network performance or cause security mechanisms relying on these actions to malfunction.
By fixing this issue and increasing the maximum number of actions, the Linux kernel ensures more reliable and secure handling of complex IPv6 network flows.