CVE-2026-43465 - Vulnerability Analysis
CriticalCVSS: 9.8Last Updated: May 11, 2026
Linux kernel mlx5e - Denial of Service
Overview
Linux kernel mlx5 driver contains a frag counting vulnerability caused by incorrect handling of XDP multi-buf buffer layout changes during bpf_xdp_pull_data() or bpf_xdp_adjust_tail() calls, letting attackers cause negative page fragment reference counting errors, exploit requires running XDP multi-buf programs.
Severity & Score
Impact
Attackers can cause kernel memory corruption leading to system instability or crashes.
Mitigation
Update to the Linux kernel version including the mlx5e RX multi-buf frag counting fix (post 6.18.0-rc7).
References
Social Media Activity(2 posts)
š“ CVE-2026-43465 - Critical (9.8) In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: RX, Fix XDP multi-buf frag counting for striding RQ XDP multi-buf programs can modify the layout of the XDP buffer when the program calls bpf_xdp_pull_data() or bpf_x... š https://www.thehackerwire.com/vulnerability/CVE-2026-43465/ #CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
View original post
š“ CVE-2026-43465 - Critical (9.8) In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: RX, Fix XDP multi-buf frag counting for striding RQ XDP multi-buf programs can modify the layout of the XDP buffer when the program calls bpf_xdp_pull_data() or bpf_x... š https://www.thehackerwire.com/vulnerability/CVE-2026-43465/ #CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
View original postRelated Resources
Details
- CVE ID
- CVE-2026-43465
- Severity
- Critical
- CVSS Score
- 9.8
- Type
- undefined
- Status
- new
- EPSS
- 6.1%
- Social Posts
- 2
CVSS Metrics
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H