Linux Kernel Vulnerability in XDP UMEM Validation
CVE-2026-43093

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 6 May 2026

What is CVE-2026-43093?

A vulnerability in the Linux kernel's XDP UMEM registration process could lead to insufficient allocation of space required for the reception of minimum-sized Ethernet frames. The current validation mechanism does not adequately consider tailroom, particularly when handling multi-buffer configurations. As a result, the shared information (skb_shared_info) stored at the end of the XSK frame can become corrupted, potentially impacting network operations. To mitigate this, and to ensure compatibility with hardware that typically works in 128-byte aligned sizes, adjustments to accommodate additional tailroom must be enforced during the setup phase.

Affected Version(s)

Linux 99e3a236dd43d06c65af0a2ef9cb44306aef6e02

Linux 99e3a236dd43d06c65af0a2ef9cb44306aef6e02 < 0ec4d3f6e6934deb843b561ae048cd17218e5ad1

Linux 99e3a236dd43d06c65af0a2ef9cb44306aef6e02 < 9ea6ba4f3195dcba6e8b3e7b2e748593b7cafb12

References

https://git.kernel.org/stable/c/a03975beb9f6af0d8ac051e30...

https://git.kernel.org/stable/c/0ec4d3f6e6934deb843b561ae...

https://git.kernel.org/stable/c/9ea6ba4f3195dcba6e8b3e7b2...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 6, 2026
Vulnerability Reserved
May 1, 2026

CVE-2026-43093 Data

JSON