PT-2026-36433 · Linux · Linux Kernel

Syzbot · Published 2026-04-01 · Updated 2026-05-26 · CVE-2026-43016

CVSS v3.1: 7.8 High

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Linux kernel (affected versions not specified)

Description

A use-after-free issue exists in the Linux kernel within the sk_psock_verdict_data_ready() function. The problem occurs in unix_stream_sendmsg() when the peer socket's sk_data_ready() is called after the unix_state_lock() has been dropped. While the sender socket maintains the peer's reference count, it does not prevent the peer's sock_orphan() process, which can lead to the peer's sk_socket being freed after one RCU (Read-Copy-Update) grace period. RCU is a synchronization mechanism that allows multiple readers to access data while a writer updates it. This can result in a slab-use-after-free when accessing sk->sk_socket and sk->sk_socket->ops.

Recommendations

At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Use After Free

Weakness Enumeration

Related Identifiers

BDU:2026-06509
CVE-2026-43016
ECHO-5D56-5E30-CB71

Affected Products

Linux Kernel