CVE-2026-43089

linux / linux_kernel

Description

In the Linux kernel, the following vulnerability has been resolved:

xfrm_user: fix info leak in build_mapping()

struct xfrm_usersa_id has a one-byte padding hole after the proto field, which ends up never getting set to zero before copying out to userspace. Fix that up by zeroing out the whole structure before setting individual variables.
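The padding hole described above can be reproduced in userspace. This is an added example, not kernel code and not part of the source record: `usersa_id_mirror`, `STALE`, `padding_bytes` and `stale_bytes_copied` are hypothetical names, the struct layout is assumed to match `struct xfrm_usersa_id`, and the field values are constructed.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Userspace mirror of the layout. Assumption: field order and widths follow
 * struct xfrm_usersa_id in the kernel uapi header linux/xfrm.h. */
struct usersa_id_mirror {
    uint32_t daddr[4]; /* stands in for the 16-byte xfrm_address_t */
    uint32_t spi;
    uint16_t family;
    uint8_t  proto;    /* followed by tail padding up to 4-byte alignment */
};
#define STALE 0xAA     /* constructed marker for leftover memory contents */
#define PAD_START (offsetof(struct usersa_id_mirror, proto) + sizeof(uint8_t))
size_t padding_bytes(void) /* tail padding bytes after proto */
{
    return sizeof(struct usersa_id_mirror) - PAD_START;
}

/* Fill a message field by field, optionally zeroing it first; return how many
 * STALE padding bytes a reader of the raw buffer would receive. */
int stale_bytes_copied(int zero_first, uint32_t spi, uint16_t family, uint8_t proto)
{
    size_t len = sizeof(struct usersa_id_mirror), i;
    int stale = 0;
    unsigned char *buf = malloc(len);
    struct usersa_id_mirror *id = (struct usersa_id_mirror *)buf;
    if (!buf) return -1;
    memset(buf, STALE, len);        /* simulate a non-zeroed allocation */
    if (zero_first)
        memset(id, 0, sizeof(*id)); /* the fix: clear the whole struct */
    memset(id->daddr, 0, sizeof(id->daddr)); /* constructed address 0.0.0.0 */
    id->spi = spi;
    id->family = family;
    id->proto = proto;
    for (i = PAD_START; i < len; i++) /* inspect only the padding */
        stale += (buf[i] == STALE);
    free(buf);
    return stale;
}

int main(void)
{
    printf("padding=%zu leaky=%d fixed=%d\n", padding_bytes(),
           stale_bytes_copied(0, 0x1234, 2, 50), stale_bytes_copied(1, 0x1234, 2, 50));
    return 0;
}
```

Setting every named field is not enough: the byte after `proto` keeps whatever the buffer held before, which is why the fix clears the whole structure first.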

Scoring

CVSS: 5.5
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
EPSS: 0.12% probability of exploitation · percentile 2.3% · 2026-06-21T12:00:28Z
Last modified: 2026-06-01

Related by meaning · 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE-2026-31664
CVE-2026-43093
CVE-2026-43082
CVE-2026-31631
CVE-2026-43190
CVE-2026-43139

Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.