CVE-2026-43103

MEDIUM

net: lapbether: handle NETDEV_PRE_TYPE_CHANGE

Title source: cna

Description

In the Linux kernel, the following vulnerability has been resolved: net: lapbether: handle NETDEV_PRE_TYPE_CHANGE lapbeth_data_transmit() expects the underlying device type to be ARPHRD_ETHER. Returning NOTIFY_BAD from lapbeth_device_event() makes sure bonding driver can not break this expectation.

References (5)

Core 5

Core References

https://git.kernel.org/stable/c/363a38044b8cd5b496d241651a1fb666e7c5fe3e

https://git.kernel.org/stable/c/328bb2cff5c2ed973f595ded769e15f4b7a117be

https://git.kernel.org/stable/c/63851f60781aa89258c8f0952cd13940aab0888e

https://git.kernel.org/stable/c/b117056768ab7deb434e7d72065e48d2083a0c2a

https://git.kernel.org/stable/c/b120e4432f9f56c7103133d6a11245e617695adb

Scores

CVSS v3 5.5

EPSS 0.0001

EPSS Percentile 2.3%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Details

Status published

Products (14)

Linux/Linux < 2.6.24

Linux/Linux 2.6.24

Linux/Linux 6.12.83 - 6.12.*

Linux/Linux 6.18.24 - 6.18.*

Linux/Linux 6.19.14 - 6.19.*

Linux/Linux 6.6.136 - 6.6.*

Linux/Linux 7.0

Linux/Linux 872254dd6b1f80cb95ee9e2e22980888533fc293 - 328bb2cff5c2ed973f595ded769e15f4b7a117be

Linux/Linux 872254dd6b1f80cb95ee9e2e22980888533fc293 - 363a38044b8cd5b496d241651a1fb666e7c5fe3e

Linux/Linux 872254dd6b1f80cb95ee9e2e22980888533fc293 - 63851f60781aa89258c8f0952cd13940aab0888e

... and 4 more

Published May 06, 2026

Tracked Since May 06, 2026