7.8

CVE-2026-43093

xsk: tighten UMEM headroom validation to account for tailroom and min frame

In the Linux kernel, the following vulnerability has been resolved:

xsk: tighten UMEM headroom validation to account for tailroom and min frame

The current headroom validation in xdp_umem_reg() could leave us with
insufficient space dedicated to even receive minimum-sized ethernet
frame. Furthermore if multi-buffer would come to play then
skb_shared_info stored at the end of XSK frame would be corrupted.

HW typically works with 128-aligned sizes so let us provide this value
as bare minimum.

Multi-buffer setting is known later in the configuration process so
besides accounting for 128 bytes, let us also take care of tailroom space
upfront.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 4.19.118 < 4.20
LinuxLinux Kernel Version >= 5.4.35 < 5.5
LinuxLinux Kernel Version >= 5.6.7 < 5.7
LinuxLinux Kernel Version >= 5.7.1 < 6.6.136
LinuxLinux Kernel Version >= 6.7 < 6.12.83
LinuxLinux Kernel Version >= 6.13 < 6.18.24
LinuxLinux Kernel Version >= 6.19 < 6.19.14
LinuxLinux Kernel Version5.7 Update-
LinuxLinux Kernel Version5.7 Updaterc2
LinuxLinux Kernel Version5.7 Updaterc3
LinuxLinux Kernel Version5.7 Updaterc4
LinuxLinux Kernel Version5.7 Updaterc5
LinuxLinux Kernel Version5.7 Updaterc6
LinuxLinux Kernel Version5.7 Updaterc7
LinuxLinux Kernel Version7.0 Updaterc1
LinuxLinux Kernel Version7.0 Updaterc2
LinuxLinux Kernel Version7.0 Updaterc3
LinuxLinux Kernel Version7.0 Updaterc4
LinuxLinux Kernel Version7.0 Updaterc5
LinuxLinux Kernel Version7.0 Updaterc6
LinuxLinux Kernel Version7.0 Updaterc7
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.13% 0.029
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
416baaa9-dc9f-4396-8d5f-8c081fb06d67 7.8 1.8 5.9
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Es wurden noch keine Informationen zu CWE veröffentlicht.
https://git.kernel.org/stable/c/a03975beb9f6af0d8ac051e30b2abeabe618414f
Patch
https://git.kernel.org/stable/c/0ec4d3f6e6934deb843b561ae048cd17218e5ad1
Patch
https://git.kernel.org/stable/c/9ea6ba4f3195dcba6e8b3e7b2e748593b7cafb12
Patch
https://git.kernel.org/stable/c/6523bc1b40e69301f24c14338b762af4739d6d39
Patch
https://git.kernel.org/stable/c/a315e022a72d95ef5f1d4e58e903cb492b0ad931
Patch
https://git.kernel.org/stable/c/1a6051cd7e3e4c54ff3854a43b638b9292af5e67
https://git.kernel.org/stable/c/5f123bc278bf4e3283d8606321bebbfd299f4384
https://git.kernel.org/stable/c/8769708add9eadeea8041a9761771bb715a87104