CVE-2026-43093
HIGHxsk: tighten UMEM headroom validation to account for tailroom and min frame
Title source: cnaDescription
In the Linux kernel, the following vulnerability has been resolved: xsk: tighten UMEM headroom validation to account for tailroom and min frame The current headroom validation in xdp_umem_reg() could leave us with insufficient space dedicated to even receive minimum-sized ethernet frame. Furthermore if multi-buffer would come to play then skb_shared_info stored at the end of XSK frame would be corrupted. HW typically works with 128-aligned sizes so let us provide this value as bare minimum. Multi-buffer setting is known later in the configuration process so besides accounting for 128 bytes, let us also take care of tailroom space upfront.
References (8)
Core 8
Core References
Scores
CVSS v3
7.8
EPSS
0.0013
EPSS Percentile
2.9%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Details
Status
published
Products (34)
linux/Kernel
5.11.0 - 5.15.209linux
linux/Kernel
5.16.0 - 6.1.175linux
linux/Kernel
5.7.0 - 5.10.258linux
linux/Kernel
6.13.0 - 6.18.24linux
linux/Kernel
6.19.0 - 6.19.14linux
linux/Kernel
6.2.0 - 6.6.136linux
linux/Kernel
6.7.0 - 6.12.83linux
Linux/Linux
< 5.7
Linux/Linux
25c9cdef57488578da21d99eb614b97ffcf6e59f
Linux/Linux
4.19.118 - 4.20
... and 24 more
Published
May 06, 2026
Tracked Since
May 06, 2026