CVE-2026-43089 | THREATINT

Description

In the Linux kernel, the following vulnerability has been resolved: xfrm_user: fix info leak in build_mapping() struct xfrm_usersa_id has a one-byte padding hole after the proto field, which ends up never getting set to zero before copying out to userspace. Fix that up by zeroing out the whole structure before setting individual variables.

PUBLISHED Reserved 2026-05-01 | Published 2026-05-06 | Updated 2026-05-06 | Assigner Linux

Product status

Default status

unaffected

3a2dfbe8acb154905fdc2fd03ec56df42e6c4cc4 (git) before d3125c541a96fb3c0fc7210112684baf22b6c24d

affected

3a2dfbe8acb154905fdc2fd03ec56df42e6c4cc4 (git) before 5a1a4b049ddde41466ccac0daeec326254b133f2

affected

3a2dfbe8acb154905fdc2fd03ec56df42e6c4cc4 (git) before f779a6b6cdb6e12baa0663063ac59ab2a8f20c0c

affected

3a2dfbe8acb154905fdc2fd03ec56df42e6c4cc4 (git) before 700c9622b23c33b5933e6dcea816492c064e4e10

affected

3a2dfbe8acb154905fdc2fd03ec56df42e6c4cc4 (git) before 1beb76b2053b68c491b78370794b8ff63c8f8c02

affected

Default status

affected

2.6.29

affected

Any version before 2.6.29

unaffected

6.6.136 (semver)

unaffected

6.12.83 (semver)

unaffected

6.18.24 (semver)

unaffected

6.19.14 (semver)

unaffected

7.0 (original_commit_for_fix)

unaffected

References

git.kernel.org/...c/d3125c541a96fb3c0fc7210112684baf22b6c24d

git.kernel.org/...c/5a1a4b049ddde41466ccac0daeec326254b133f2

git.kernel.org/...c/f779a6b6cdb6e12baa0663063ac59ab2a8f20c0c

git.kernel.org/...c/700c9622b23c33b5933e6dcea816492c064e4e10

git.kernel.org/...c/1beb76b2053b68c491b78370794b8ff63c8f8c02

cve.org (CVE-2026-43089)

nvd.nist.gov (CVE-2026-43089)

Download JSON

help @ threatint.eu