5.5
CVE-2026-43089
- EPSS 0.12%
- Veröffentlicht 06.05.2026 07:40:22
- Zuletzt bearbeitet 01.06.2026 17:17:02
- Quelle 416baaa9-dc9f-4396-8d5f-8c081f
- CVE-Watchlists
- Unerledigt
xfrm_user: fix info leak in build_mapping()
In the Linux kernel, the following vulnerability has been resolved: xfrm_user: fix info leak in build_mapping() struct xfrm_usersa_id has a one-byte padding hole after the proto field, which ends up never getting set to zero before copying out to userspace. Fix that up by zeroing out the whole structure before setting individual variables.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version >= 2.6.29.1 < 6.6.136
Linux ≫ Linux Kernel Version >= 6.7 < 6.12.83
Linux ≫ Linux Kernel Version >= 6.13 < 6.18.24
Linux ≫ Linux Kernel Version >= 6.19 < 6.19.14
Linux ≫ Linux Kernel Version7.0 Updaterc1
Linux ≫ Linux Kernel Version7.0 Updaterc2
Linux ≫ Linux Kernel Version7.0 Updaterc3
Linux ≫ Linux Kernel Version7.0 Updaterc4
Linux ≫ Linux Kernel Version7.0 Updaterc5
Linux ≫ Linux Kernel Version7.0 Updaterc6
Linux ≫ Linux Kernel Version7.0 Updaterc7
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.12% | 0.023 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.5 | 1.8 | 3.6 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
|
CWE-401 Missing Release of Memory after Effective Lifetime
The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.
https://git.kernel.org/stable/c/d3125c541a96fb3c0fc7210112684baf22b6c24d
https://git.kernel.org/stable/c/5a1a4b049ddde41466ccac0daeec326254b133f2
https://git.kernel.org/stable/c/f779a6b6cdb6e12baa0663063ac59ab2a8f20c0c
https://git.kernel.org/stable/c/700c9622b23c33b5933e6dcea816492c064e4e10
https://git.kernel.org/stable/c/1beb76b2053b68c491b78370794b8ff63c8f8c02
https://git.kernel.org/stable/c/521385cbd50ca9474396d88462fcdfa6489685d9
https://git.kernel.org/stable/c/72a8de41c3eb4dcf22bf3b674ea38fb2f75d6f32
https://git.kernel.org/stable/c/c2779ae9a3e5a044e5ccd564681511bbbcc5fc0f