Linux Kernel Vulnerability Affecting Policy Management
CVE-2026-43091
What is CVE-2026-43091?
The Linux kernel's xfrm policy management code has a vulnerability in xfrm_policy_fini(), which runs during policy teardown when a network namespace (netns) exits. The function does not wait for all RCU (Read-Copy-Update) readers to complete their critical sections before freeing the policy_bydst hash tables, so a concurrent reader may still be using a table when it is freed. This oversight can lead to potential instability in kernel operations. The fix adds a synchronize_rcu() call so that the hash tables are freed only after all readers have completed their operations, improving the stability and security of the system.
Affected Version(s)
Linux e1e551bc56302b80ff930c966f9985095fb1b70d
Linux e1e551bc56302b80ff930c966f9985095fb1b70d < 438b1f668ad58f46ce699bb48e4698a7839e3f9e
Linux e1e551bc56302b80ff930c966f9985095fb1b70d < 3733fce2871c9bca9dd18a1a23b1432ea215a094
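To check a kernel source tree against these ranges, the following added example (not part of the original advisory or the kernel project) classifies a git ref by commit ancestry. It assumes the entries follow the usual "introducing commit < fixing commit" convention; the function names and the optional override arguments are hypothetical.

```shell
#!/bin/sh
# Added example: classify a kernel git ref against the commit ranges above.
# Assumption: "A < B" means the flaw was introduced by commit A and fixed by B.
INTRODUCED=e1e551bc56302b80ff930c966f9985095fb1b70d
FIXES="438b1f668ad58f46ce699bb48e4698a7839e3f9e 3733fce2871c9bca9dd18a1a23b1432ea215a094"

# is_ancestor REPO COMMIT REF: succeeds when COMMIT is reachable from REF.
# A commit that is missing from the repository counts as "not an ancestor".
is_ancestor() {
    git -C "$1" merge-base --is-ancestor "$2" "$3" 2>/dev/null
}

# classify_ref REPO REF [INTRODUCED [FIXES]]
# Prints one of: fixed | affected | not-affected | unknown
classify_ref() {
    repo=$1
    ref=$2
    intro=${3:-$INTRODUCED}
    fixes=${4:-$FIXES}

    # The ref must resolve to a commit, otherwise nothing can be said.
    git -C "$repo" rev-parse --verify --quiet "$ref^{commit}" >/dev/null ||
        { echo unknown; return 0; }

    # Any listed fix commit in the history of REF means the ref is fixed.
    for f in $fixes; do
        if is_ancestor "$repo" "$f" "$ref"; then
            echo fixed
            return 0
        fi
    done

    # Without the introducing commit in the object store (for example a
    # shallow clone), ancestry cannot distinguish old from affected.
    if ! git -C "$repo" cat-file -e "$intro^{commit}" 2>/dev/null; then
        echo unknown
        return 0
    fi

    if is_ancestor "$repo" "$intro" "$ref"; then
        echo affected
    else
        echo not-affected
    fi
}
```

Run it as `classify_ref /path/to/linux HEAD`. Trees that carry the fix as a backport under a different commit hash, as vendor kernels often do, will report `affected`, so confirm such results against the vendor's changelog.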