Linux Kernel Vulnerability in mlx5: LAG Device Debugging Flaw
CVE-2026-43013

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 1 May 2026

What is CVE-2026-43013?

A logic error in the Linux kernel’s networking component, specifically within the mlx5 driver for LAG devices, allows for the creation of debugfs entries even when valid LAG context is not established. This oversight can lead to scenarios where NULL pointer dereferences occur if certain attributes are accessed without a valid context. A fix has been implemented to ensure a proper check is in place before these debugfs entries are created, enhancing system integrity and reliability.

Affected Version(s)

Linux 7f46a0b7327ae261f9981888708dbca22c283900

Linux 7f46a0b7327ae261f9981888708dbca22c283900 < 7129632cab3e4d23510b21930aa73b8d97a859f5

Linux 7f46a0b7327ae261f9981888708dbca22c283900

References

https://git.kernel.org/stable/c/a3db46d5f4df92630a96f7bc7...

https://git.kernel.org/stable/c/7129632cab3e4d23510b21930...

https://git.kernel.org/stable/c/cfa774e6c920c81e700327bf1...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 1, 2026
Vulnerability Reserved
May 1, 2026

CVE-2026-43013 Data

JSON