CVE-2026-43089

MEDIUM

xfrm_user: fix info leak in build_mapping()

Title source: cna
STIX 2.1

Description

In the Linux kernel, the following vulnerability has been resolved: xfrm_user: fix info leak in build_mapping() struct xfrm_usersa_id has a one-byte padding hole after the proto field, which ends up never getting set to zero before copying out to userspace. Fix that up by zeroing out the whole structure before setting individual variables.

Scores

CVSS v3 5.5
EPSS 0.0012
EPSS Percentile 2.4%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Details

CWE
CWE-401
Status published
Products (27)
linux/Kernel 2.6.29 - 5.10.258linux
linux/Kernel 5.11.0 - 5.15.209linux
linux/Kernel 5.16.0 - 6.1.175linux
linux/Kernel 6.13.0 - 6.18.24linux
linux/Kernel 6.19.0 - 6.19.14linux
linux/Kernel 6.2.0 - 6.6.136linux
linux/Kernel 6.7.0 - 6.12.83linux
Linux/Linux < 2.6.29
Linux/Linux 2.6.29
Linux/Linux 3a2dfbe8acb154905fdc2fd03ec56df42e6c4cc4 - 1beb76b2053b68c491b78370794b8ff63c8f8c02
... and 17 more
Published May 06, 2026
Tracked Since May 06, 2026