Linux Kernel Vulnerability Affecting Hyper-V on Memory Access Permissions
CVE-2026-43096

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 6 May 2026

What is CVE-2026-43096?

A vulnerability in the Linux kernel's handling of memory access permissions within Hyper-V can lead to infinite fault loops when guest machines attempt to access memory regions without the necessary permissions. The issue arises in the mshv_handle_gpa_intercept function, which currently tries to remap pages for all types of access faults. If a guest writes to a read-only region, the remap occurs unsuccessfully, causing the guest virtual CPU to enter an endless fault loop. By validating access types against memory region permissions before allowing remapping, the vulnerability can be mitigated, preventing potential denial-of-service attacks where malicious guests could exploit the weakness to exhaust host resources.

Affected Version(s)

Linux b9a66cd5ccbb9fade15d0e427e19470d8ad35b75 < 02226839079ccc558820a3b25c4c46812927b4ba

Linux b9a66cd5ccbb9fade15d0e427e19470d8ad35b75 < 16cbec24897624051b324aa3a85859c38ca65fde

Linux 6.19

References

https://git.kernel.org/stable/c/02226839079ccc558820a3b25...

https://git.kernel.org/stable/c/16cbec24897624051b324aa3a...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 6, 2026
Vulnerability Reserved
May 1, 2026

CVE-2026-43096 Data

JSON