Vulnerability in Linux Kernel Affecting Netfilter and NF_QUEUE Verdicts
CVE-2026-43024

Currently unrated

Key Information:

Vendor: Linux

Status
Vendor
CVE Published: 1 May 2026

What is CVE-2026-43024?

A vulnerability has been identified in the netfilter subsystem of the Linux kernel, concerning the NF_QUEUE verdict. In nftables, userspace tools never emit an immediate NF_QUEUE verdict. Such a verdict can nevertheless be triggered through the arp family, which does not support queuing. This oversight creates the potential for unauthorized manipulation, so immediate NF_QUEUE verdicts are now rejected globally to reinforce system integrity and protect against exploitation.

Affected Version(s)

Linux 55a60251fa50d4e68175e36666b536a602ce4f6c < 2f7f825a548be55420f0f5f716f6c27b9d312d3f

Linux 960cf4f812530f01f6acc6878ceaa5404c06af7b

Linux 8e34430e33b8a80bc014f3efe29cac76bc30a4b4 < 68390437a998c3f2c57212b413abef5e6d657d88

Timeline

  • Vulnerability published

  • Vulnerability Reserved