IPv4 Header Parsing Vulnerability in Linux Kernel
CVE-2026-43037
Currently unrated
What is CVE-2026-43037?
A vulnerability in the Linux kernel's handling of IPv4 headers can lead to memory corruption. The function ip4ip6_err() uses a cloned socket buffer (skb) whose callback data (cb[]) has already been modified by the IPv6 processing path. Because of this mismatch, an attacker who manipulates header information can cause memory corruption. The fix clears the skb2->cb[] field and reinforces IPv4 header validation to ensure proper data handling and system integrity.
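The following user-space model is an added illustration of the bug class and the two parts of the fix described above; it is not kernel code or the upstream patch. The struct layouts and the names v6_cb, v4_cb, pkt, v6_fill_cb, clone_for_v4, v4_optlen and ipv4_header_ok are hypothetical.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>

/* User-space model only: struct layouts and names are hypothetical, not the kernel's. */
struct v6_cb { uint8_t nhoff; uint8_t pad; uint16_t flags; uint32_t iif; }; /* IPv6 view of cb[] */
struct v4_cb { uint8_t optlen; uint8_t srr; uint8_t rr; uint8_t ts; };      /* IPv4 view of cb[] */

struct pkt {
    unsigned char cb[48];   /* per-layer scratch area, copied verbatim on clone */
    const uint8_t *data;    /* start of the header the current layer parses */
    size_t len;
};

/* The IPv6 receive path records its own state in cb[]. */
static void v6_fill_cb(struct pkt *p, uint8_t nhoff)
{
    struct v6_cb c = { .nhoff = nhoff, .iif = 2 };
    memset(p->cb, 0, sizeof(p->cb));
    memcpy(p->cb, &c, sizeof(c));
}

/* Clone for the IPv4 error path; clear_cb selects the fixed behaviour. */
static struct pkt clone_for_v4(const struct pkt *orig, const uint8_t *inner,
                               size_t len, int clear_cb)
{
    struct pkt c = *orig;               /* cb[] comes along unchanged */
    c.data = inner;
    c.len = len;
    if (clear_cb)
        memset(c.cb, 0, sizeof(c.cb));  /* IPv4 code now sees "no options" */
    return c;
}

/* What IPv4 code believes the option length is, read from cb[]. */
static unsigned v4_optlen(const struct pkt *p)
{
    struct v4_cb c;
    memcpy(&c, p->cb, sizeof(c));
    return c.optlen;
}

/* Validate the inner IPv4 header from the packet bytes, not from cb[]. */
static int ipv4_header_ok(const uint8_t *h, size_t len)
{
    if (len < 20 || (h[0] >> 4) != 4) return 0;
    size_t ihl = (size_t)(h[0] & 0x0f) * 4;
    size_t tot = ((size_t)h[2] << 8) | h[3];
    return ihl >= 20 && ihl <= len && tot >= ihl && tot <= len;
}
```

Without the clear, the IPv4 view of the clone reports an option length that comes from IPv6 state rather than from the packet; with it, the value is zero and the header check alone decides whether the inner header is usable.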
Affected Version(s)
Linux c4d3efafcc933fd2ffd169d7dc4f980393a13796
Linux c4d3efafcc933fd2ffd169d7dc4f980393a13796 < 2cc6e3b0fe0f0242d1f530a93a4924f48ab85ba5