Exploitation Risk in Linux Kernel Netfilter by Vendor Linux
CVE-2026-43026

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 1 May 2026

What is CVE-2026-43026?

A vulnerability in the Linux kernel's netfilter component can lead to the exposure of stale NAT-related data. When the CTA_EXPECT_NAT field is absent from a netlink message, expectations allocated via ctnetlink_alloc_expect() may not correctly initialize fields, allowing stale data to be sent to userspace. This flaw could potentially be exploited to leak sensitive information or mislead users about the state of network connections. Proper handling of NAT fields is critical to maintaining data integrity.

Affected Version(s)

Linux 076a0ca02644657b13e4af363f487ced2942e9cb

Linux 076a0ca02644657b13e4af363f487ced2942e9cb < 1c2ebdeff8d088a2e47ae25d7b38447249adace2

Linux 076a0ca02644657b13e4af363f487ced2942e9cb

References

https://git.kernel.org/stable/c/a5a89db6981a1ddf2314bf50c...

https://git.kernel.org/stable/c/1c2ebdeff8d088a2e47ae25d7...

https://git.kernel.org/stable/c/a64b7bf84b4d5ea54218c5d37...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 1, 2026
Vulnerability Reserved
May 1, 2026

CVE-2026-43026 Data

JSON