xfrm_user: fix info leak in build_mapping()

MITRE NVD CVE.ORG JSON API Print: PDF PDF

Summary

CVECVE-2026-43089
StatePUBLISHED
AssignerLinux
Source PriorityCVE Program / NVD first with legacy fallback
Published2026-05-06 10:16:22 UTC
Updated2026-05-06 13:08:07 UTC
DescriptionIn the Linux kernel, the following vulnerability has been resolved: xfrm_user: fix info leak in build_mapping() struct xfrm_usersa_id has a one-byte padding hole after the proto field, which ends up never getting set to zero before copying out to userspace. Fix that up by zeroing out the whole structure before setting individual variables.

Vendor Declared Affected Products

SourceVendorProductVersionPlatforms
CNA Linux Linux affected 3a2dfbe8acb154905fdc2fd03ec56df42e6c4cc4 d3125c541a96fb3c0fc7210112684baf22b6c24d git Not specified
CNA Linux Linux affected 3a2dfbe8acb154905fdc2fd03ec56df42e6c4cc4 5a1a4b049ddde41466ccac0daeec326254b133f2 git Not specified
CNA Linux Linux affected 3a2dfbe8acb154905fdc2fd03ec56df42e6c4cc4 f779a6b6cdb6e12baa0663063ac59ab2a8f20c0c git Not specified
CNA Linux Linux affected 3a2dfbe8acb154905fdc2fd03ec56df42e6c4cc4 700c9622b23c33b5933e6dcea816492c064e4e10 git Not specified
CNA Linux Linux affected 3a2dfbe8acb154905fdc2fd03ec56df42e6c4cc4 1beb76b2053b68c491b78370794b8ff63c8f8c02 git Not specified
CNA Linux Linux affected 2.6.29 Not specified
CNA Linux Linux unaffected 2.6.29 semver Not specified
CNA Linux Linux unaffected 6.6.136 6.6.* semver Not specified
CNA Linux Linux unaffected 6.12.83 6.12.* semver Not specified
CNA Linux Linux unaffected 6.18.24 6.18.* semver Not specified
CNA Linux Linux unaffected 6.19.14 6.19.* semver Not specified
CNA Linux Linux unaffected 7.0 * original_commit_for_fix Not specified

References

ReferenceSourceLinkTags
git.kernel.org/stable/c/700c9622b23c33b5933e6dcea816492c064e4e10 416baaa9-dc9f-4396-8d5f-8c081fb06d67 git.kernel.org
git.kernel.org/stable/c/5a1a4b049ddde41466ccac0daeec326254b133f2 416baaa9-dc9f-4396-8d5f-8c081fb06d67 git.kernel.org
git.kernel.org/stable/c/d3125c541a96fb3c0fc7210112684baf22b6c24d 416baaa9-dc9f-4396-8d5f-8c081fb06d67 git.kernel.org
git.kernel.org/stable/c/1beb76b2053b68c491b78370794b8ff63c8f8c02 416baaa9-dc9f-4396-8d5f-8c081fb06d67 git.kernel.org
git.kernel.org/stable/c/f779a6b6cdb6e12baa0663063ac59ab2a8f20c0c 416baaa9-dc9f-4396-8d5f-8c081fb06d67 git.kernel.org
CVE Program record CVE.ORG www.cve.org canonical
NVD vulnerability detail NVD nvd.nist.gov canonical, analysis
© CVE.report 2026 |

Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.

CVE, CWE, and OVAL are registred trademarks of The MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. This site includes MITRE data granted under the following license.

Free CVE JSON API cve.report/api

CVE.report and Source URL Uptime Status status.cve.report