CVE-2026-43042

Published: May 1, 2026

Modified: May 11, 2026

PUBLISHED

CVSS v3.1

7.1

HIGH

Description

In the Linux kernel, the following vulnerability has been resolved: mpls: add seqcount to protect the platform_label{,s} pair The RCU-protected codepaths (mpls_forward, mpls_dump_routes) can have an inconsistent view of platform_labels vs platform_label in case of a concurrent resize (resize_platform_label_table, under platform_mutex). This can lead to OOB accesses. This patch adds a seqcount, so that we get a consistent snapshot. Note that mpls_label_ok is also susceptible to this, so the check against RTA_DST in rtm_to_route_config, done outside platform_mutex, is not sufficient. This value gets passed to mpls_label_ok once more in both mpls_route_add and mpls_route_del, so there is no issue, but that additional check must not be removed.

Vendor	Product	Versions
Linux	Linux	affected `7720c01f3f590116882e251f13c7e1d5602f8643 - < 5bb3caf0bbfb56f1a00d2af072ac3d8395a3b9ef` affected `7720c01f3f590116882e251f13c7e1d5602f8643 - < 629ec78ef8608d955ce217880cdc3e1873af3a15`
Linux	Linux	affected `4.1` unaffected `0 - < 4.1` unaffected `6.19.12 - <= 6.19.` unaffected `7.0 - <= `

CVSS v3.1 Details

CVSS v3.1 Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

None

Availability

High

References

https://git.kernel.org/stable/c/5bb3caf0bbfb56f1a00d2af072ac3d8395a3b9ef

https://git.kernel.org/stable/c/629ec78ef8608d955ce217880cdc3e1873af3a15

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2026-43042

Description

Affected Products

CVSS v3.1 Details

References