Linux Kernel Liveupdate Vulnerability Affecting Various Distributions
CVE-2026-43489

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 13 May 2026

What is CVE-2026-43489?

A vulnerability in the Linux kernel's liveupdate mechanism allows for improper tracking of file retrieval attempts, leading to potential access of invalid data structures. This issue arises when the retrieve attempt fails; the status is not recorded, which can result in erroneous retry operations that may trigger warnings or instability. This flaw can disrupt the user experience and may compromise system integrity, necessitating the need for immediate remediation. The fix involves updating the mechanism to better handle error codes and retrieval statuses, ensuring that the system behaves predictably under failure conditions.

Affected Version(s)

Linux 7c722a7f44e0c1f9714084152226bc7bd644b7e3 < 1d3ad69484dc1cc53be62d2554e7ef038a627af9

Linux 7c722a7f44e0c1f9714084152226bc7bd644b7e3

Linux 6.19

References

https://git.kernel.org/stable/c/1d3ad69484dc1cc53be62d255...

https://git.kernel.org/stable/c/f85b1c6af5bc3872f994df0a5...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 13, 2026
Vulnerability Reserved
May 1, 2026

CVE-2026-43489 Data

JSON