Linux Kernel Vulnerability in RDS Component Affecting Page Management
CVE-2026-43494

7.8HIGH

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 21 May 2026

Badges

👾 Exploit Exists🟡 Public PoC

What is CVE-2026-43494?

A vulnerability in the Linux kernel's RDS (Reliable Datagram Sockets) component affects the management of page pinning during zerocopy operations. When the function iov_iter_get_pages2() fails in rds_message_zcopy_from_user(), it releases pinned pages correctly but fails to reset the op_nents variable. This can result in incorrect memory management, as subsequent calls to rds_message_purge() may mistakenly operate on an incorrect count of operation elements. This defect has been addressed to ensure that op_nents is properly reset when necessary.

Affected Version(s)

Linux 0cebaccef3acbdfbc2d85880a2efb765d2f4e2e3

Linux 0cebaccef3acbdfbc2d85880a2efb765d2f4e2e3 < 03014551938a0887fa55f18ce49b70158a9c0113

Linux 0cebaccef3acbdfbc2d85880a2efb765d2f4e2e3

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

CVE-2026-43494-PinTheft-PoC
Created by jayhutajulu1

References

https://git.kernel.org/stable/c/c6e51512a784c4a7b86e1a044...

https://git.kernel.org/stable/c/03014551938a0887fa55f18ce...

https://git.kernel.org/stable/c/d84ce1786ce40fdd3dd98db47...

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

🟡
Public PoC available
May 25, 2026
👾
Exploit known to exist
May 25, 2026
Vulnerability published
May 21, 2026
Vulnerability Reserved
May 1, 2026

CVE-2026-43494 Data

JSON