CVE-2026-43093
Published: May 6, 2026
Modified: Jun 1, 2026
CVSS v3.1
7.8
Description
In the Linux kernel, the following vulnerability has been resolved: xsk: tighten UMEM headroom validation to account for tailroom and min frame The current headroom validation in xdp_umem_reg() could leave us with insufficient space dedicated to even receive minimum-sized ethernet frame. Furthermore if multi-buffer would come to play then skb_shared_info stored at the end of XSK frame would be corrupted. HW typically works with 128-aligned sizes so let us provide this value as bare minimum. Multi-buffer setting is known later in the configuration process so besides accounting for 128 bytes, let us also take care of tailroom space upfront.
| Vendor | Product | Versions |
|---|---|---|
Linux | Linux | affected 99e3a236dd43d06c65af0a2ef9cb44306aef6e02 - < 5f123bc278bf4e3283d8606321bebbfd299f4384affected 99e3a236dd43d06c65af0a2ef9cb44306aef6e02 - < 1a6051cd7e3e4c54ff3854a43b638b9292af5e67affected 99e3a236dd43d06c65af0a2ef9cb44306aef6e02 - < 8769708add9eadeea8041a9761771bb715a87104affected 99e3a236dd43d06c65af0a2ef9cb44306aef6e02 - < a03975beb9f6af0d8ac051e30b2abeabe618414faffected 99e3a236dd43d06c65af0a2ef9cb44306aef6e02 - < 0ec4d3f6e6934deb843b561ae048cd17218e5ad1+9 more versions |
Linux | Linux | affected 5.7unaffected 0 - < 5.7unaffected 5.10.258 - <= 5.10.*unaffected 5.15.209 - <= 5.15.*unaffected 6.1.175 - <= 6.1.*+5 more versions |
CVSS v3.1 Details
CVSS v3.1 Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now