Security Vulnerability in Linux Kernel Affecting Data Packet Handling
CVE-2026-43500
Key Information:
Badges
What is CVE-2026-43500?
A vulnerability in the Linux kernel's handling of DATA and RESPONSE packets can lead to improper unsharing of externally-owned paged fragments. When certain conditions are met, particularly under the presence of cloned SKBs and chained fragment lists, the in-place decryption path is inadvertently utilized, potentially exposing sensitive data. This vulnerability extends the gate for unsharing to also cover cases where skb_has_frag_list() or skb_has_shared_frag() is active, thereby addressing risks associated with splice-loopback vectors while maintaining efficient processing for kernel-private fragments.
Affected Version(s)
Linux d0d5c0cd1e711c98703f3544c1e6fc1372898de5 < 3eae0f4f9f7206a4801efa5e0235c25bbd5a412c
Linux d0d5c0cd1e711c98703f3544c1e6fc1372898de5
Linux d0d5c0cd1e711c98703f3544c1e6fc1372898de5
Exploit Proof of Concept (PoC)
PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.