CVE-2026-43089

struct xfrmusersaid has a one-byte padding hole after the proto field, which ends up never getting set to zero before copying out to userspace. Fix that up by zeroing out the whole structure before setting individual variables.

Database specific

{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/43xxx/CVE-2026-43089.json",
    "cna_assigner": "Linux"
}

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

3a2dfbe8acb154905fdc2fd03ec56df42e6c4cc4

Fixed

521385cbd50ca9474396d88462fcdfa6489685d9

Fixed

c2779ae9a3e5a044e5ccd564681511bbbcc5fc0f

Fixed

72a8de41c3eb4dcf22bf3b674ea38fb2f75d6f32

Fixed

d3125c541a96fb3c0fc7210112684baf22b6c24d

Fixed

5a1a4b049ddde41466ccac0daeec326254b133f2

Fixed

f779a6b6cdb6e12baa0663063ac59ab2a8f20c0c

Fixed

700c9622b23c33b5933e6dcea816492c064e4e10

Fixed

1beb76b2053b68c491b78370794b8ff63c8f8c02

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2026-43089.json"

Linux / Kernel

Package

Name: Kernel

Affected ranges

Type: ECOSYSTEM
Events: Introduced

2.6.29

Fixed

5.10.258

Type: ECOSYSTEM
Events: Introduced

5.11.0

Fixed

5.15.209

Type: ECOSYSTEM
Events: Introduced

5.16.0

Fixed

6.1.175

Type: ECOSYSTEM
Events: Introduced

6.2.0

Fixed

6.6.136

Type: ECOSYSTEM
Events: Introduced

6.7.0

Fixed

6.12.83

Type: ECOSYSTEM
Events: Introduced

6.13.0

Fixed

6.18.24

Type: ECOSYSTEM
Events: Introduced

6.19.0

Fixed

6.19.14

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2026-43089.json"