Linux Kernel Vulnerability in Netfilter Components
CVE-2026-43060
What is CVE-2026-43060?
A flaw in the Linux kernel's netfilter component allows packets waiting in the nfqueue to retain references to transient objects. These objects, such as connection tracking templates and timeout policies, can be invalidated when a module is removed, leaving the queued packets holding stale references. Enqueued packets must therefore be dropped immediately so that the system never interacts with objects that no longer exist. Future refinements may add more granular control over which packets are discarded based on their dependencies.
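The following user-space model is an added illustration, not kernel code or the upstream fix: it shows queued entries outliving the object they reference, and how a blanket flush before removal clears them while also discarding packets that had no dependency. All type and function names are hypothetical.

```c
#include <stdio.h>
#include <stdlib.h>

/* User-space model; every name here is hypothetical, not a kernel symbol. */
struct tobj { int alive; };   /* stands in for a conntrack template or timeout policy */
struct qent { struct tobj *dep; struct qent *next; };   /* queued packet; dep may be NULL */
static struct qent *queue_head;
static void enqueue(struct tobj *dep)
{
    struct qent *e = malloc(sizeof(*e));
    if (!e) abort();
    *e = (struct qent){ dep, queue_head };
    queue_head = e;
}
/* Queued packets whose dependency was invalidated: the stale references. */
static int stale_entries(void)
{
    int n = 0;
    for (struct qent *e = queue_head; e; e = e->next)
        n += (e->dep && !e->dep->alive);
    return n;
}
/* Blanket flush: drops every queued packet, dependent or not. Returns the count. */
static int drop_all(void)
{
    int n = 0;
    for (struct qent *e; (e = queue_head) != NULL; n++) {
        queue_head = e->next;
        free(e);
    }
    return n;
}
/* Removal path: flush_first empties the queue before the object goes away. */
static int remove_object(struct tobj *o, int flush_first)
{
    int dropped = flush_first ? drop_all() : 0;
    o->alive = 0;   /* object is now invalid; it is never dereferenced beyond this flag */
    return dropped;
}

int main(void)
{
    struct tobj tmpl = {1}, policy = {1};   /* constructed sample objects */
    enqueue(&tmpl); enqueue(NULL); enqueue(&tmpl);
    remove_object(&tmpl, 0);                 /* removal without a flush */
    int stale = stale_entries(), cleared = drop_all();
    enqueue(&policy); enqueue(NULL);
    int dropped = remove_object(&policy, 1); /* removal with a flush first */
    printf("no flush: %d stale of %d; flush: %d dropped, %d stale\n", stale, cleared, dropped, stale_entries());
    return 0;
}
```

In the flushed case the packet enqueued with no dependency is dropped as well, which is the coarse behaviour the granular refinement would narrow.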
Affected Version(s)
Linux 7e0b2b57f01d183e1c84114f1f2287737358d748 < 8a64e76933672b08bd85b63086f33432070fd729
Linux 7e0b2b57f01d183e1c84114f1f2287737358d748 < 3da0b946835f33bf36b459ead764c61a761e689b
Linux 7e0b2b57f01d183e1c84114f1f2287737358d748