Null Pointer Dereference in Linux Kernel's IPv4 and IPv6 Functions
CVE-2026-43099

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 6 May 2026

What is CVE-2026-43099?

A vulnerability in the Linux kernel allows for a null pointer dereference when the IPv6 stack is inactive. Specifically, the function 'ipv6_stub->ipv6_dev_find()' may return an error pointer, leading to a kernel crash when passed to 'dev_hold()'. The fix involves silently discarding erroneous requests instead of misreporting by returning 'No Such Interface', ensuring system stability in scenarios where an IPv6 interface can't be identified.

Affected Version(s)

Linux d329ea5bd8845f0b196bf41b18b6173340d6e0e4 < 47a8bf52156ac7e7a581eca31c1f964ba4258d4d

Linux d329ea5bd8845f0b196bf41b18b6173340d6e0e4 < 6be325206850a0891896d38bcf83a09d8b54ec48

Linux d329ea5bd8845f0b196bf41b18b6173340d6e0e4

References

https://git.kernel.org/stable/c/47a8bf52156ac7e7a581eca31...

https://git.kernel.org/stable/c/6be325206850a0891896d38bc...

https://git.kernel.org/stable/c/f91b3ed9e7fa82a70511b5f69...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 6, 2026
Vulnerability Reserved
May 1, 2026

CVE-2026-43099 Data

JSON