Null Pointer Dereference Vulnerability in Linux Kernel Bridge Functionality
CVE-2026-43100

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 6 May 2026

What is CVE-2026-43100?

A vulnerability exists in the Linux Kernel bridge functionality, specifically in the handling of VLAN groups. When the VLAN filtering configuration is disabled, certain bridge helper functions can return a NULL pointer, leading to dereferencing of this pointer in critical operations. This can cause system crashes, especially when manipulating VLAN settings. To mitigate this issue, it is advised to implement NULL pointer checks in the impacted functions, ensuring that operations only proceed when valid VLAN groups exist.

Affected Version(s)

Linux 21446c06b441b9c993870efae71aef4e9aa72ec7

Linux 21446c06b441b9c993870efae71aef4e9aa72ec7 < 1979645e1842cb7017525a61a0e0e0beb924d02a

References

https://git.kernel.org/stable/c/fb612d436ff0317659e45a91c...

https://git.kernel.org/stable/c/ddf0ec2d600e7dad62b896927...

https://git.kernel.org/stable/c/1979645e1842cb7017525a61a...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 6, 2026
Vulnerability Reserved
May 1, 2026

CVE-2026-43100 Data

JSON