Use of uninitialized resource in Linux kernel - CVE-2026-43085
Published: May 7, 2026
Vulnerability identifier: #VU130678
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2026-43085
CWE-ID: CWE-908
Exploitation vector: Local access
Exploit availability:
No public exploit available
Vendor: Linux Foundation
Affected software:
Linux kernel
Linux kernel
Detailed vulnerability description
The vulnerability allows a local user to disclose sensitive information.
The vulnerability exists due to an uninitialized memory use in nfnetlink_log NLMSG_DONE terminator handling when batching multiple NFLOG messages. A local user can trigger generation of a crafted NLMSG_DONE message to disclose sensitive information.
Four bytes of stale kernel heap data are leaked to userspace in the NLMSG_DONE message body when the queue length is greater than one.
How to mitigate CVE-2026-43085
Install security update from vendor's repository.
Sources
- https://git.kernel.org/stable/c/15d209bccf9273b4a8b4e579ba0e92d065b6ec8c
- https://git.kernel.org/stable/c/1f3083aec8836213da441270cdb1ab612dd82cf4
- https://git.kernel.org/stable/c/368c22aea490f6f50df831b4f9e3623787686c5b
- https://git.kernel.org/stable/c/d1399632ba255d2e02c757af5d9f5d9279ce168c
- https://git.kernel.org/stable/c/d552bcfca323d175664d7444989b04f55666978a