CVE-2026-43481: Kernel Memory Corruption in Linux Kernel
平台
linux
组件
linux
修复版本
57885276cc16a2e2b76282c808a4e84cbecb3aae
CVE-2026-43481 is a memory corruption vulnerability discovered and resolved in the Linux Kernel. This issue stems from a double-free condition within the netshapers subsystem, specifically within the netshapernlgetdoit() and netshapernlcapgetdoit() functions. Exploitation can lead to a denial-of-service (DoS) condition. The vulnerability affects Linux Kernel versions up to and including 57885276cc16a2e2b76282c808a4e84cbecb3aae, with a fix available in the same version.
影响与攻击场景翻译中…
The vulnerability allows for a double-free condition, where the same memory buffer is freed twice. This can lead to a crash of the net_shapers subsystem, potentially causing a denial-of-service (DoS) for the affected system. An attacker could trigger this by sending specially crafted network shaping requests. While the immediate impact is a DoS, a successful exploitation could potentially be chained with other vulnerabilities to achieve more severe consequences, such as arbitrary code execution, although this is not directly demonstrated in the vulnerability description. The blast radius is limited to the system running the vulnerable kernel.
利用背景翻译中…
The vulnerability was published on 2026-05-13. There is no indication of this vulnerability being listed on KEV or having an EPSS score. No public proof-of-concept (PoC) code is currently known. Given the nature of the vulnerability (memory corruption leading to DoS), it is plausible that it could be exploited in the future, especially if a PoC is released.
受影响的软件
时间线
- 已保留
- 发布日期
缓解措施和替代方案翻译中…
The primary mitigation is to upgrade the Linux Kernel to version 57885276cc16a2e2b76282c808a4e84cbecb3aae or later. If an immediate upgrade is not possible due to compatibility concerns or testing requirements, consider implementing temporary workarounds. While no specific WAF or proxy rules are directly applicable, ensuring robust network input validation can help prevent the transmission of malicious network shaping requests. Monitor system logs for any unusual kernel errors or crashes related to the net_shapers subsystem. After upgrading, confirm the fix by sending a series of network shaping requests and verifying that no crashes or errors occur.
修复方法翻译中…
Aplique la actualización del kernel a la versión corregida (6.13 o superior) para evitar la liberación prematura de memoria SKB. Consulte las notas de la versión del kernel para obtener instrucciones específicas de actualización para su distribución de Linux.
常见问题翻译中…
What is CVE-2026-43481 — Kernel Memory Corruption in Linux Kernel?
CVE-2026-43481 is a vulnerability in the Linux Kernel that can lead to a denial-of-service (DoS) due to a double-free condition in the net_shapers subsystem. It affects kernel versions up to 57885276cc16a2e2b76282c808a4e84cbecb3aae.
Am I affected by CVE-2026-43481 in Linux Kernel?
You are affected if your system is running a Linux Kernel version prior to 57885276cc16a2e2b76282c808a4e84cbecb3aae. Check your kernel version using 'uname -r'.
How do I fix CVE-2026-43481 in Linux Kernel?
Upgrade your Linux Kernel to version 57885276cc16a2e2b76282c808a4e84cbecb3aae or later. If immediate upgrade is not possible, monitor system logs for related errors.
Is CVE-2026-43481 being actively exploited?
Currently, there is no public evidence of active exploitation of CVE-2026-43481. However, the vulnerability's nature makes it a potential target for future exploitation.
Where can I find the official Linux advisory for CVE-2026-43481?
Refer to the Linux Kernel security announcements and mailing lists for the official advisory related to CVE-2026-43481. Check kernel.org for updates.
立即试用 — 无需账户
上传任意清单文件(composer.lock、package-lock.json、WordPress插件列表等)或粘贴组件列表,即可立即获得漏洞报告。上传文件只是开始:注册账号后,您将获得持续监控、Slack/邮件提醒、多项目管理和白标报告等功能。
拖放您的依赖文件
composer.lock、package-lock.json、requirements.txt、Gemfile.lock、pubspec.lock、Dockerfile...