Vulnerability in Linux Kernel Affecting Packet Processing
CVE-2026-43030

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 1 May 2026

What is CVE-2026-43030?

A vulnerability in the Linux kernel's bpf subsystem allows for improper validation of packet pointers. When the conditions of 'regsafe()' are met, it may incorrectly indicate that a valid packet range is present, leading to potential manipulation of state and exploitation within the packet processing framework. This may affect the integrity and security of applications relying on accurate network data handling.

Affected Version(s)

Linux 95b6ec733752b31bfd166c4609d2c1b5cdde9b47

Linux 6d94e741a8ff818e5518da8257f5ca0aaed1f269 < 37db6b9726d0bcf91cbdf9d63b558c50da49f968

Linux 6d94e741a8ff818e5518da8257f5ca0aaed1f269 < 015a74476dc1ab6923d89f1ee009aaf43faa7185

References

https://git.kernel.org/stable/c/b52f6d0ef7b308f9d05bbddb7...

https://git.kernel.org/stable/c/37db6b9726d0bcf91cbdf9d63...

https://git.kernel.org/stable/c/015a74476dc1ab6923d89f1ee...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 1, 2026
Vulnerability Reserved
May 1, 2026

CVE-2026-43030 Data

JSON