Back to search
CVE-2026-43089
Published: May 6, 2026
Modified: Jun 1, 2026
PUBLISHED
Description
In the Linux kernel, the following vulnerability has been resolved: xfrm_user: fix info leak in build_mapping() struct xfrm_usersa_id has a one-byte padding hole after the proto field, which ends up never getting set to zero before copying out to userspace. Fix that up by zeroing out the whole structure before setting individual variables.
| Vendor | Product | Versions |
|---|---|---|
Linux | Linux | affected 3a2dfbe8acb154905fdc2fd03ec56df42e6c4cc4 - < 521385cbd50ca9474396d88462fcdfa6489685d9affected 3a2dfbe8acb154905fdc2fd03ec56df42e6c4cc4 - < c2779ae9a3e5a044e5ccd564681511bbbcc5fc0faffected 3a2dfbe8acb154905fdc2fd03ec56df42e6c4cc4 - < 72a8de41c3eb4dcf22bf3b674ea38fb2f75d6f32affected 3a2dfbe8acb154905fdc2fd03ec56df42e6c4cc4 - < d3125c541a96fb3c0fc7210112684baf22b6c24daffected 3a2dfbe8acb154905fdc2fd03ec56df42e6c4cc4 - < 5a1a4b049ddde41466ccac0daeec326254b133f2+3 more versions |
Linux | Linux | affected 2.6.29unaffected 0 - < 2.6.29unaffected 5.10.258 - <= 5.10.*unaffected 5.15.209 - <= 5.15.*unaffected 6.1.175 - <= 6.1.*+5 more versions |
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now