Linux Kernel Vulnerability Affecting Device Type Handling by Vendor
CVE-2026-43103

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 6 May 2026

What is CVE-2026-43103?

A vulnerability has been identified in the Linux kernel specifically concerning the handling of device types within the networking subsystem. In the function lapbeth_data_transmit(), there is an expectation that the underlying device type is ARPHRD_ETHER. A failure to meet this requirement could lead to inconsistent behavior in networking operations. Additionally, the function lapbeth_device_event() incorporates a safeguard by returning NOTIFY_BAD, which prevents the bonding driver from violating the expected device type. This resolution enhances the robustness of the kernel's network handling and mitigates potential exploitation.

Affected Version(s)

Linux 872254dd6b1f80cb95ee9e2e22980888533fc293 < 363a38044b8cd5b496d241651a1fb666e7c5fe3e

Linux 872254dd6b1f80cb95ee9e2e22980888533fc293 < 328bb2cff5c2ed973f595ded769e15f4b7a117be

Linux 872254dd6b1f80cb95ee9e2e22980888533fc293 < 63851f60781aa89258c8f0952cd13940aab0888e

References

https://git.kernel.org/stable/c/363a38044b8cd5b496d241651...

https://git.kernel.org/stable/c/328bb2cff5c2ed973f595ded7...

https://git.kernel.org/stable/c/63851f60781aa89258c8f0952...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 6, 2026
Vulnerability Reserved
May 1, 2026

CVE-2026-43103 Data

JSON