CVE-2026-43025

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A slab-out-of-bounds read issue exists in the netfilter ctnetlink component. The problem occurs when userspace suggests a helper for a new expectation that differs from the existing master conntrack helper during the validation of CTA EXPECT CLASS. This can lead to the reading of kernel memory bytes beyond the expectation boundary, specifically within the nf ct expect related report() function.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.