CVE-2026-43037 - Vulnerability Analysis
CriticalCVSS: 9.8Last Updated: May 3, 2026
Linux Kernel - Buffer Overflow
Published: May 1, 2026Updated: May 3, 2026Remote Exploitable
Overview
Linux kernel contains a buffer overflow caused by improper clearing of skb2->cb[] in ip4ip6_err(), letting attackers trigger stack buffer overflow via crafted IPv6 packets, exploit requires network access.
Severity & Score
Severity: Critical
CVSS Score: 9.8
Impact
Attackers can cause a stack buffer overflow, potentially leading to denial of service or code execution.
Mitigation
Update to the latest Linux kernel version with the fix for ip4ip6_err() skb2->cb[] clearing.
References
- https://git.kernel.org/stable/c/590f622669b97eaf7b57a1de7b0a6e68c5d8b2c3
- https://git.kernel.org/stable/c/a0c4ce9900a108eaf55d0f3b399cb55999647d39
- https://git.kernel.org/stable/c/d6621f60192fe10c047a4487be42a6f4c150707f
- https://git.kernel.org/stable/c/ea9f65b27c8404e164848ebff1443310fd187629
- https://git.kernel.org/stable/c/1063515ce15ff31065c4e7f8265f4c2fd3c54876
- https://git.kernel.org/stable/c/2cc6e3b0fe0f0242d1f530a93a4924f48ab85ba5
- https://git.kernel.org/stable/c/2edfa31769a4add828a7e604b21cb82aaaa05925
- https://git.kernel.org/stable/c/4a622658f384b03560834cbe8ffcfe69a278f7c8
Related Resources
Details
- CVE ID
- CVE-2026-43037
- Severity
- Critical
- CVSS Score
- 9.8
- Type
- buffer_overflow
- Status
- unconfirmed
CVSS Metrics
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H