IM
IronMonkey Threat Research

CVE-2026-43057 HIGH

Published: 2026-05-01 | Last Modified: 2026-07-14 | Status: Modified

Description

In the Linux kernel, the following vulnerability has been resolved: net: correctly handle tunneled traffic on IPV6_CSUM GSO fallback NETIF_F_IPV6_CSUM only advertises support for checksum offload of packets without IPv6 extension headers. Packets with extension headers must fall back onto software checksumming. Since TSO depends on checksum offload, those must revert to GSO. The below commit introduces that fallback. It always checks network header length. For tunneled packets, the inner header length must be checked instead. Extend the check accordingly. A special case is tunneled packets without inner IP protocol. Such as RFC 6951 SCTP in UDP. Those are not standard IPv6 followed by transport header either, so also must revert to the software GSO path.

CVSS Metrics

Base Score: 7.5 (HIGH)

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Attack VectorNETWORK
Attack ComplexityLOW
Privileges RequiredNONE
User InteractionNONE
ScopeUNCHANGED
Confidentiality ImpactNONE
Integrity ImpactNONE
Availability ImpactHIGH

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Type: Secondary

Exploitability Score: 3.9

Impact Score: 3.6

Weaknesses

Source Type Description
[email protected] Primary
en NVD-CWE-noinfo

Affected Products

Vendor Product Version Update Type
linux linux_kernel * <built-in method update of dict object at 0x702b70374080> Operating System
linux linux_kernel * <built-in method update of dict object at 0x702b703778c0> Operating System
linux linux_kernel * <built-in method update of dict object at 0x702bde165ec0> Operating System
linux linux_kernel * <built-in method update of dict object at 0x702bcc9b3980> Operating System
linux linux_kernel * <built-in method update of dict object at 0x702b70377e80> Operating System
linux linux_kernel * <built-in method update of dict object at 0x702bfc130480> Operating System
linux linux_kernel 6.17 <built-in method update of dict object at 0x702b70376940> Operating System
linux linux_kernel 6.17 <built-in method update of dict object at 0x702bde166fc0> Operating System
linux linux_kernel 6.17 <built-in method update of dict object at 0x702bde164e40> Operating System
linux linux_kernel 6.17 <built-in method update of dict object at 0x702b70374180> Operating System
linux linux_kernel 6.17 <built-in method update of dict object at 0x702bdc6a7040> Operating System
linux linux_kernel 6.17 <built-in method update of dict object at 0x702bde167c40> Operating System
linux linux_kernel 7.0 <built-in method update of dict object at 0x702b703765c0> Operating System
linux linux_kernel 7.0 <built-in method update of dict object at 0x702bfc130640> Operating System
linux linux_kernel 7.0 <built-in method update of dict object at 0x702bde1651c0> Operating System
linux linux_kernel 7.0 <built-in method update of dict object at 0x702bde166000> Operating System
linux linux_kernel 7.0 <built-in method update of dict object at 0x702bfc2a6280> Operating System

Affected Configurations

Operator: OR

Vulnerable CPE
Yes cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Yes cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Yes cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Yes cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Yes cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Yes cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Yes cpe:2.3:o:linux:linux_kernel:6.17:-:*:*:*:*:*:*
Yes cpe:2.3:o:linux:linux_kernel:6.17:rc3:*:*:*:*:*:*
Yes cpe:2.3:o:linux:linux_kernel:6.17:rc4:*:*:*:*:*:*
Yes cpe:2.3:o:linux:linux_kernel:6.17:rc5:*:*:*:*:*:*
Yes cpe:2.3:o:linux:linux_kernel:6.17:rc6:*:*:*:*:*:*
Yes cpe:2.3:o:linux:linux_kernel:6.17:rc7:*:*:*:*:*:*
Yes cpe:2.3:o:linux:linux_kernel:7.0:rc1:*:*:*:*:*:*
Yes cpe:2.3:o:linux:linux_kernel:7.0:rc2:*:*:*:*:*:*
Yes cpe:2.3:o:linux:linux_kernel:7.0:rc3:*:*:*:*:*:*
Yes cpe:2.3:o:linux:linux_kernel:7.0:rc4:*:*:*:*:*:*
Yes cpe:2.3:o:linux:linux_kernel:7.0:rc5:*:*:*:*:*:*

References

Notification
Message here