SB20260508129 - Division by zero in Linux kernel tipc
Published: May 8, 2026
Description
This security bulletin contains information about 1 vulnerability.
1) Division by zero (CVE-ID: CVE-2026-43411)
CWE-ID: CWE-369 - Divide By Zero
CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows a local user to cause a denial of service.
The vulnerability exists due to a divide-by-zero in tipc_sk_filter_connect() when it handles a rejected SYN on the retry path after processing a TIPC_CONN_TIMEOUT value less than 4. A local user can set a small conn_timeout value via setsockopt() and trigger the retry path to cause a denial of service.
The issue results in a kernel oops or panic.
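The "less than 4" threshold follows from integer truncation, which the following user-space model illustrates. It is an example added here, not kernel code and not the upstream fix: the divide-by-4 shape is inferred from the threshold stated above, and the function names, the 100 ms base and the guard are assumptions.

```c
#include <stdio.h>

#define RETRY_BASE_MS 100u /* assumed fixed floor added to the random jitter */

/* Divisor used for the retry jitter (assumed shape: conn_timeout / 4).
 * Integer division truncates, so 0..3 ms all yield a divisor of 0. */
static unsigned int retry_divisor(unsigned int conn_timeout_ms)
{
    return conn_timeout_ms / 4;
}

/* Unguarded model of the flaw: rnd % 0 is a divide error in kernel context
 * and undefined behaviour here, so it is only ever called with values >= 4. */
static unsigned int retry_delay_unguarded(unsigned int conn_timeout_ms,
                                          unsigned int rnd)
{
    return rnd % retry_divisor(conn_timeout_ms) + RETRY_BASE_MS;
}

/* Guarded form (one possible hardening, an assumption): a zero divisor
 * drops the jitter instead of dividing. */
static unsigned int retry_delay_guarded(unsigned int conn_timeout_ms,
                                        unsigned int rnd)
{
    unsigned int div = retry_divisor(conn_timeout_ms);
    unsigned int jitter = div ? rnd % div : 0;
    return jitter + RETRY_BASE_MS;
}

/* Input-side check: would this option value make the divisor zero? */
static int conn_timeout_is_safe(unsigned int conn_timeout_ms)
{
    return retry_divisor(conn_timeout_ms) != 0;
}

int main(void)
{
    const unsigned int rnd = 0xBEEF; /* constructed stand-in for random bytes */

    for (unsigned int t = 0; t <= 8; t++)
        printf("conn_timeout=%u divisor=%u safe=%d guarded_delay=%u ms\n",
               t, retry_divisor(t), conn_timeout_is_safe(t),
               retry_delay_guarded(t, rnd));
    printf("unguarded at 8000 ms: %u ms\n", retry_delay_unguarded(8000, rnd));
    return 0;
}
```
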
Remediation
Install the update from the vendor's website.
References
- https://git.kernel.org/stable/c/2754e7b3d64748643df867d1ea6fec522914b635
- https://git.kernel.org/stable/c/338c5edeb6ae3f12a4b84dff9d71f6f7f8c202c3
- https://git.kernel.org/stable/c/3bc9998041076ee05d3f312a22cee6b2ca35527f
- https://git.kernel.org/stable/c/579956f9f297eb1b6a5d24de313f3acccee1f9d5
- https://git.kernel.org/stable/c/600feb0a66a98c6b7f6f02b5f3612e75f9b8540f
- https://git.kernel.org/stable/c/6c5a9baa15de240e747263aba435a0951da8d8d2
- https://git.kernel.org/stable/c/a360d3815aae1f00dd71b7714a846482e85cc1f7
- https://git.kernel.org/stable/c/c2ebfbe63deb7bfd4dc2532bae62a7ed67713272