Linux Kernel Netfilter Vulnerability in AVX2 Matching Functions
CVE-2026-43114
What is CVE-2026-43114?
A logic error in the Linux kernel's AVX2 matching functions for netfilter can cause incorrect behavior when elements are reinserted into the data structure. Specifically, when handling a flushed set, the matching functions may mistakenly return a previously valid entry that should not have matched because it is marked invalid. The cause is improper handling of the last field during the matching process: processing continues unnecessarily and fails to account for all elements accurately. As a result, this vulnerability can lead to inconsistencies in network packet filtering.
Affected Version(s)
Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 3d53f9aafd469ae1ea27051e00f5b96ca1b55d52
Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 07de44424bb7f17ef9357e8535df96d9e97c40cb