IM
IronMonkey Threat Research

CVE-2026-43040 HIGH

Published: 2026-05-01 | Last Modified: 2026-07-14 | Status: Modified

Description

In the Linux kernel, the following vulnerability has been resolved: net: ipv6: ndisc: fix ndisc_ra_useropt to initialize nduseropt_padX fields to zero to prevent an info-leak When processing Router Advertisements with user options the kernel builds an RTM_NEWNDUSEROPT netlink message. The nduseroptmsg struct has three padding fields that are never zeroed and can leak kernel data The fix is simple, just zeroes the padding fields.

CVSS Metrics

Base Score: 7.1 (HIGH)

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

Attack VectorLOCAL
Attack ComplexityLOW
Privileges RequiredLOW
User InteractionNONE
ScopeUNCHANGED
Confidentiality ImpactHIGH
Integrity ImpactNONE
Availability ImpactHIGH

Source: [email protected]

Type: Primary

Exploitability Score: 1.8

Impact Score: 5.2

Weaknesses

Source Type Description
[email protected] Primary
en CWE-909

Affected Products

Vendor Product Version Update Type
linux linux_kernel * <built-in method update of dict object at 0x702bcab46200> Operating System
linux linux_kernel * <built-in method update of dict object at 0x702bcbbf4840> Operating System
linux linux_kernel * <built-in method update of dict object at 0x702bcab47480> Operating System
linux linux_kernel * <built-in method update of dict object at 0x702bcbbf79c0> Operating System
linux linux_kernel * <built-in method update of dict object at 0x702bcab449c0> Operating System
linux linux_kernel * <built-in method update of dict object at 0x702bcab47bc0> Operating System
linux linux_kernel * <built-in method update of dict object at 0x702bdcc98980> Operating System
linux linux_kernel 7.0 <built-in method update of dict object at 0x702bcab453c0> Operating System
linux linux_kernel 7.0 <built-in method update of dict object at 0x702bcab45e00> Operating System
linux linux_kernel 7.0 <built-in method update of dict object at 0x702bcab47680> Operating System
linux linux_kernel 7.0 <built-in method update of dict object at 0x702bcab47340> Operating System
linux linux_kernel 7.0 <built-in method update of dict object at 0x702ba6c513c0> Operating System
linux linux_kernel 7.0 <built-in method update of dict object at 0x702bcab478c0> Operating System

Affected Configurations

Operator: OR

Vulnerable CPE
Yes cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Yes cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Yes cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Yes cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Yes cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Yes cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Yes cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Yes cpe:2.3:o:linux:linux_kernel:7.0:rc1:*:*:*:*:*:*
Yes cpe:2.3:o:linux:linux_kernel:7.0:rc2:*:*:*:*:*:*
Yes cpe:2.3:o:linux:linux_kernel:7.0:rc3:*:*:*:*:*:*
Yes cpe:2.3:o:linux:linux_kernel:7.0:rc4:*:*:*:*:*:*
Yes cpe:2.3:o:linux:linux_kernel:7.0:rc5:*:*:*:*:*:*
Yes cpe:2.3:o:linux:linux_kernel:7.0:rc6:*:*:*:*:*:*

References

Notification
Message here