CVE-2026-43028

Source
https://cve.org/CVERecord?id=CVE-2026-43028
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2026-43028.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2026-43028
Downstream
Related
Published
2026-05-01T14:15:29.192Z
Modified
2026-07-04T18:29:22.494159281Z
Severity
  • 7.1 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H CVSS Calculator
Summary
netfilter: x_tables: ensure names are nul-terminated
Details

In the Linux kernel, the following vulnerability has been resolved:

netfilter: x_tables: ensure names are nul-terminated

Reject names that lack a \0 character before feeding them to functions that expect c-strings.

Fixes tag is the most recent commit that needs this change.

Database specific
{
    "cna_assigner": "Linux",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/43xxx/CVE-2026-43028.json"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
c38c4597e4bf3e99860eac98211748e1ecb0e139
Fixed
bcac50ea0a29d430eedc5ac87b215393b567baa9
Fixed
ea01c1b219f5a11c66918abaa6f052e5a74041d6
Fixed
aa6cd4a8863391e0a64f62d8922cb0af732a2cf2
Fixed
c2d4a3abb15ca14716c6d8b9ffcbcd7c63626af4
Fixed
673bbd36cba21d10a10f0932f479df7468e26fbb
Fixed
f419bdc205894750f4d3ec042bc87a1b9cde1351
Fixed
73124608172890306b85f2206d8b3cac20e324f1
Fixed
a958a4f90ddd7de0800b33ca9d7b886b7d40f74e

Database specific

source
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2026-43028.json"

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
4.5.0
Fixed
5.10.253
Type
ECOSYSTEM
Events
Introduced
5.11.0
Fixed
5.15.203
Type
ECOSYSTEM
Events
Introduced
5.16.0
Fixed
6.1.168
Type
ECOSYSTEM
Events
Introduced
6.2.0
Fixed
6.6.134
Type
ECOSYSTEM
Events
Introduced
6.7.0
Fixed
6.12.81
Type
ECOSYSTEM
Events
Introduced
6.13.0
Fixed
6.18.22
Type
ECOSYSTEM
Events
Introduced
6.19.0
Fixed
6.19.12

Database specific

source
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2026-43028.json"